LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Enabling full routing site to site with openvpn, not using masquerading. Tried quagga (https://www.linuxquestions.org/questions/linux-networking-3/enabling-full-routing-site-to-site-with-openvpn-not-using-masquerading-tried-quagga-822490/)

pwn 07-27-2010 03:32 PM
Enabling full routing site to site with openvpn, not using masquerading. Tried quagga
 
Hey guys,

I've been on a quest to enable full routing through my openvpn tunnel between my office and the colo. Masquerading will work, however it will throw off anything key based and makes a lot of things just more difficult and vague in general. Is there an easy way to do this via iptables? I tried using quagga hoping it would magically solve my problems, however it does not seem to do my routing for me :). I just did a basic static route within zebra...

Anyway, has anybody does this? I am desperate. I've done searching.

Thanks,
Morgan

nimnull22 07-29-2010 05:32 AM
OpenVPN has nothing in common with routing. It is just encrypted tunnel between two host/computers.
Routing is in the routing table and you can see it and manually configure in accordance with your needs. I suggest to draw a picture of your network and analyze which packets where should go and add appropriate route for them. You can do it manually with "ip" command or "route".

pwn 07-29-2010 05:00 PM
Let me restate. Lets take OpenVPN out of the equation. I have two networks connected to a linux machine, and I want to be able to pass traffic between the clients from both networks. I do not want to use masquerading, which is essentially a nat. I want to have a "full routing" type of setup, where if I connect from client A through the linux router to client B, it shows client A's IP as the connecting host and not the linux router's IP (which would happen if it was doing NAT).

I want true routing functionality.

nimnull22 07-30-2010 06:31 AM
Quote:
Originally Posted by pwn (Post 4049526)
Let me restate. Lets take OpenVPN out of the equation. I have two networks connected to a linux machine, and I want to be able to pass traffic between the clients from both networks. I do not want to use masquerading, which is essentially a nat. I want to have a "full routing" type of setup, where if I connect from client A through the linux router to client B, it shows client A's IP as the connecting host and not the linux router's IP (which would happen if it was doing NAT).

I want true routing functionality.
ok, that is actually an easiest configuration.
You have Linux box with two networks, which is connected to the two ethernet cards, so when you activate those two ethernet interfaces, let's say for 192.168.5.0 and 192.168.6.0 networks, you should get in "route -n" output:
Code:
linux-xmc2:~ # route -n
Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
192.168.5.0    0.0.0.0        255.255.255.0  U    0      0        0 eth0
192.168.6.0    0.0.0.0        255.255.255.0  U    0      0        0 eth1
Now, when client with 192.168.5.100 will try to establish connection with 192.168.6.20 it will send packets to the GW (192.168.5.1), then GW will look into routing table and will find that 192.168.6.20 belong to 192.168.6.0 network on eth1, and will send packets to eth1.


All times are GMT -5. The time now is 03:58 PM.