LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 07-27-2010, 04:32 PM   #1
pwn
LQ Newbie
 
Registered: Jul 2010
Posts: 8

Rep: Reputation: 0
Enabling full routing site to site with openvpn, not using masquerading. Tried quagga


Hey guys,

I've been on a quest to enable full routing through my openvpn tunnel between my office and the colo. Masquerading will work, however it will throw off anything key based and makes a lot of things just more difficult and vague in general. Is there an easy way to do this via iptables? I tried using quagga hoping it would magically solve my problems, however it does not seem to do my routing for me . I just did a basic static route within zebra...

Anyway, has anybody does this? I am desperate. I've done searching.

Thanks,
Morgan
 
Old 07-29-2010, 06:32 AM   #2
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
OpenVPN has nothing in common with routing. It is just encrypted tunnel between two host/computers.
Routing is in the routing table and you can see it and manually configure in accordance with your needs. I suggest to draw a picture of your network and analyze which packets where should go and add appropriate route for them. You can do it manually with "ip" command or "route".
 
Old 07-29-2010, 06:00 PM   #3
pwn
LQ Newbie
 
Registered: Jul 2010
Posts: 8

Original Poster
Rep: Reputation: 0
Let me restate. Lets take OpenVPN out of the equation. I have two networks connected to a linux machine, and I want to be able to pass traffic between the clients from both networks. I do not want to use masquerading, which is essentially a nat. I want to have a "full routing" type of setup, where if I connect from client A through the linux router to client B, it shows client A's IP as the connecting host and not the linux router's IP (which would happen if it was doing NAT).

I want true routing functionality.

Last edited by pwn; 07-29-2010 at 06:51 PM.
 
Old 07-30-2010, 07:31 AM   #4
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
Quote:
Originally Posted by pwn View Post
Let me restate. Lets take OpenVPN out of the equation. I have two networks connected to a linux machine, and I want to be able to pass traffic between the clients from both networks. I do not want to use masquerading, which is essentially a nat. I want to have a "full routing" type of setup, where if I connect from client A through the linux router to client B, it shows client A's IP as the connecting host and not the linux router's IP (which would happen if it was doing NAT).

I want true routing functionality.
ok, that is actually an easiest configuration.
You have Linux box with two networks, which is connected to the two ethernet cards, so when you activate those two ethernet interfaces, let's say for 192.168.5.0 and 192.168.6.0 networks, you should get in "route -n" output:
Code:
linux-xmc2:~ # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.5.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.6.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
Now, when client with 192.168.5.100 will try to establish connection with 192.168.6.20 it will send packets to the GW (192.168.5.1), then GW will look into routing table and will find that 192.168.6.20 belong to 192.168.6.0 network on eth1, and will send packets to eth1.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
site to site vpn racoon with cisco asa 5505 routing issues wastingtime Linux - Networking 1 04-02-2010 01:26 PM
Basics of a multiple site OpenVPN setup Meson Linux - Networking 3 09-21-2009 02:38 AM
Apache site redirects using what rule? foo.site.com -> www.site.com/foo LaughingBoy Linux - Server 2 04-16-2009 10:51 PM
multiple site-2-site openvpn connections? licht Linux - Networking 2 07-20-2007 11:00 PM
Enabling SSI so I can use a site counter? WorldBuilder Linux - Networking 3 12-15-2003 11:13 AM


All times are GMT -5. The time now is 05:55 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration