Mario,
I guess I'm still missing something.
In your suggestion below, 44.1.1.1 is the address assigned to the AMPRnet tunnel on the linux box. But once the inbound packet arrives there, it must still traverse another tunnel, tun0, to JNOS (in my case). Then JNOS responds. But the source address is JNOS's address. Linux is just acting as a multi-interface router. So an "ip rule" based on a linux interface as the "from" address doesn't apply.
Or, does your solution assume that linux is also NAT'ing the traffic, converting the source address of the outbound back from the JNOS address to the 44.1.1.1 address, after which the ip rule gets applied. (I'm not sure of the processing order. I'd have to get out my iptables book!)
Thanks, Michael N6MEF
You need to do some source routing using ip rules... First, you need 2 ip tables for routing different traffic, and the
easiest
way is to use existent ones, in this case tables 'main' and 'default'. The main table is used by the normal routing (and make sure ampr-ripd is using that table, else you need to adapt). The default table will be used to route traffic from the internet via tunnel and back.
Let's assume your tunnel interface is called ampr0 and your ampr IP is 44.1.1.1 First you need to bring up the tunnel:
ip tun add ampr0 mode ipip ttl 64 local <your_public_interface_ip>
Then add the following route and rules:
ip route add default via 169.228.66.251 dev ampr0 onlink table default
ip rule add from 44.1.1.1 table default
ip rule add from 44.1.1.1 to 44.0.0.0/8 table main
Next bring up ampr-ripd:
ampr-ripd -s -i ampr0 -p ThePassword
This should do it...
Have fun, Marius, YO2LOJ
-----Original Message----- From: 44net-bounces+marius=yo2loj.ro@hamradio.ucsd.edu [mailto:44net-bounces+marius=yo2loj.ro@hamradio.ucsd.edu] On Behalf Of Arno Verhoeven Sent: Friday, December 26, 2014 18:58 To: 44net@hamradio.ucsd.edu Subject: [44net] How to make traffic coming in on the tunnel interface
get
answered from that interface?
(Please trim inclusions from previous messages) _______________________________________________ Hi,
I am looking for help setting up a conditional routing table.
I have my tunnel up and running. I can reach other 44-net host. amrp-ripd is used to fill the routing table.
So far so good, but I would like one of the web-sites (apache httpd vhost) to be reachable from both 44-net and non-44-net. If i check with tcpdump I see traffic coming in when I try to access the web-site (pi8zaa.ampr.org) via the Internet (I used my phone connected to t-mobile network). But it doesn't work because my server routes the replies to my ISP's Gw where they get source filtered.
Basically I want/need traffic that comes in via the tunnel to get answered from the tunnel interface.
I Googled for a solution. Found lots of variant of this http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.multiple-links.html but if I understand what is described there correctly, then that is not exactly what I need. Maybe I don't understand iproute2 and its routing table concept correctly. They way I understand it, those examples assume destination routing based on provider subnet, while in my case the destination is on the Internet, and in normal cases should be routed via my ISP except if it came in via the tunnel.
Thanks for any help you can offer.
73 PE1ICQ // Arno _________________________________________ 44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net