26 Dec
2014
26 Dec
'14
2:40 p.m.
On 26-12-14 19:38, Marius Petrescu wrote:
You need to do some source routing using ip rules...
First, you need 2 ip tables for routing different traffic, and the easiest
way is to use existent ones, in this case tables 'main' and 'default'.
The main table is used by the normal routing (and make sure ampr-ripd is
using that table, else you need to adapt).
The default table will be used to route traffic from the internet via tunnel
and back.
Let's assume your tunnel interface is called ampr0 and your ampr IP is
44.1.1.1
First you need to bring up the tunnel:
ip tun add ampr0 mode ipip ttl 64 local <your_public_interface_ip>
Then add the following route and rules:
ip route add default via 169.228.66.251 dev ampr0 onlink table default
ip rule add from 44.1.1.1 table default
ip rule add from 44.1.1.1 to 44.0.0.0/8 table main
Next bring up ampr-ripd:
ampr-ripd -s -i ampr0 -p ThePassword
This should do it...
Have fun,
The fun can begin. It works. Thanks.
Because 44.137.0.0/16 is announced on the internet with it's own Gw, I
do not have ucsd as default gw for the tunnel.
This is my config script.
/sbin/ip tunnel add tun1 mode ipip local 88.159.160.228 ttl 64
/sbin/ifconfig tun1 44.137.24.1/32 multicast up
/sbin/ip route add default via 213.222.29.194 dev tun1 onlink table default
/sbin/ip rule add from 44.137.24.1 table default
/sbin/ip rule add from 44.137.24.1 to 44.0.0.0/8 table main
/usr/sbin/ampr-ripd -s -i tun1 -a 44.137.24.1,44.137.27.112/28 -p
ThePassword
Next I need to tweak some firewall rules, because I see some domain
service requests from local 192.168.x.x hosts on the tunnel.
Thanks guys!
//Arno