How do I route my internet traffic over tun0?
Hi,
I have eth0 and tun0. tun0 is a VPN tunnel going over eth0. Everything on the other end is set up and working fine, when I type
Code:
traceroute 4.2.2.1
When I then type
Code:
route add -net 4.2.2.1 netmask 255.255.255.255 dev tun0
What does not work however is when I do
Code:
route add -net 0.0.0.0 netmask 0.0.0.0 dev tun0
I believe the problem is because all traffic is routing over tun0, which means even the VPN tun0 needs to go through eth0, it can no longer do this. Is there a way around this where I can route everything except for 114.77.31.26 (which is my VPN gateway for tun0)?
|
Quote:
Can you post output of:
ip route show
|
Yeah sure...
Code:
root@ubuntu-vmguest:/opt# route add -net 4.2.2.1 netmask 255.255.255.255 dev tun0
|
Thanks, but can you tell me what exactly you want?
If you want everything to go through the VPN, you should add a default route with the VPN GW. Right now it is through eth0 and gw=192.168.2.99.
|
The problem is if I do set tun0 as the default gateway, nothing works anymore. But if I only set it as the gateway for a 4.2.2.1/32 or 4.0.0.0/8 then it works for 4.x.x.x
|
What command did you use to add the default route? If it was the one from above, it is not right. A default route includes the network, its mask and the GW.
|
I have tried it with route add default gw 10.8.0.1 dev tun0 but with the same issue.
|
Ok. Please add a default route through tun0 and post here the output of the command:
ip route show
Also, please post the output of the command:
ip addr show dev tun0
Thanks
|
Ok I'll start from the beginning. "traceroute 4.2.2.1" routes traffic through 4.2.2.1.
EDIT: Ok I'll start from the beginning. "traceroute 4.2.2.1" routes traffic through 192.168.2.99 (eth0). Next I run "route add default gw 10.8.0.1 dev tun0" then again try "traceroute 4.2.2.1" and I get nothing. After running those commands here are my routes:
Code:
root@ubuntu-vmguest:~# ip route show
This is what I want, but traffic doesn't route anywhere now. I am assuming this is because tun0 is a VPN connection going through 192.168.2.99 itself, but that may not be the problem, not sure :(
|
Sorry, but I was asking about:
ip addr show dev tun0
and not:
ip route show dev tun0
|
My bad, here it is:
Code:
root@ubuntu-vmguest:~# ip addr show dev tun0
|
First, please remove:
10.8.0.1 dev tun0, by "ip route del 10.8.0.1 dev tun0"
I hope this command will work. After this, please post again the output of "ip addr show dev tun0". Also, tell me: can you "ping 10.8.0.2"? Can you "ping 10.8.0.1"?
|
Here we go
Code:
root@ubuntu-vmguest:~# ip route del 10.8.0.1 dev tun0
|
Ok. This is not really good.
I hope you know that a VPN is like a tunnel between your computer and a remote one, and "inet 10.8.0.2 peer 10.8.0.1/32 scope global tun0" means (if I understand right) 10.8.0.1 is on the other side of this tunnel. So if the tunnel works you should be able to ping it. Let's do a different thing. Delete the default through tun0:
ip route del default via 10.8.0.1 dev tun0
And add the network according to your tunnel:
ip route add 10.8.0.0/24 dev tun0
Then please post the output of:
ip route show
And try to:
ping 10.8.0.1
|
Code:
root@ubuntu-vmguest:~# ip route del default via 10.8.0.1 dev tun0
Let me explain what I am trying to do. I have computer A (this one) which has:
eth0 192.168.2.11 with gateway 192.168.2.99
tun0 10.8.0.2 tunnel to 10.8.0.1 (to computer B)
and I have computer B (the 10.8.0.1 network) which has:
eth1 x.x.x.1 with gateway x.x.x.2 (can't remember what these numbers are)
tun0 10.8.0.1 tunnel to 10.8.0.2 (to computer A)
On computer A my traffic routes through 192.168.2.99, but I want it to route through 10.8.0.1 instead of 192.168.2.99. When I write "route add -net 4.0.0.0 netmask 255.0.0.0 dev tun0" for example then type "traceroute 4.2.2.3" it works and routes through 10.8.0.1 just like I want. Similarly, if I did "route add -net 5.0.0.0 netmask 255.0.0.0 dev tun0" and "route add -net 6.0.0.0 netmask 255.0.0.0 dev tun0" then all 5.x.x.x and 6.x.x.x would route through 10.8.0.1 (which is great!)
The problem is how do I get ALL my traffic to route through 10.8.0.1 without defining 255 different class A addresses manually? Also, "route add -net 0.0.0.0 netmask 0.0.0.0 dev tun0" loses all my internet connection altogether and I believe this is because OpenVPN loses its connection with tun0 because behind the scenes it routes through eth0 (since tun0 is only virtual).
|
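Added example, not part of the original thread or any poster's own code: a small Python model of the kernel's longest-prefix route lookup, using the addresses from the posts above. It shows why a default route on tun0 sends the tunnel's own packets for 114.77.31.26 into tun0, and how a /32 route for that address via eth0 plus two /1 routes on tun0 avoids it. The /24 on eth0 and both route tables are constructed assumptions, and the model tracks only the output device, not the next hop.

```python
import ipaddress

def lookup(routes, dst):
    """Return the output device for dst: the most specific matching prefix wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(prefix), dev) for prefix, dev in routes
               if addr in ipaddress.ip_network(prefix)]
    if not matches:
        return None  # no route to host
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def tunnel_survives(routes, vpn_server):
    """The encrypted packets to the VPN server must leave on the physical NIC."""
    return lookup(routes, vpn_server) == "eth0"

VPN_SERVER = "114.77.31.26"  # from the thread: public address of the VPN gateway

# Constructed table: the only default route points at tun0
# (the "route add -net 0.0.0.0 netmask 0.0.0.0 dev tun0" case).
BROKEN = [
    ("192.168.2.0/24", "eth0"),   # assumed LAN prefix for eth0 192.168.2.11
    ("10.8.0.1/32", "tun0"),      # tunnel peer, from "peer 10.8.0.1/32"
    ("0.0.0.0/0", "tun0"),
]

# Constructed table for one possible fix; the matching commands are in the comments.
FIXED = [
    ("192.168.2.0/24", "eth0"),
    ("10.8.0.1/32", "tun0"),
    ("0.0.0.0/0", "eth0"),        # original default via 192.168.2.99 is left in place
    ("114.77.31.26/32", "eth0"),  # ip route add 114.77.31.26/32 via 192.168.2.99 dev eth0
    ("0.0.0.0/1", "tun0"),        # ip route add 0.0.0.0/1 via 10.8.0.1 dev tun0
    ("128.0.0.0/1", "tun0"),      # ip route add 128.0.0.0/1 via 10.8.0.1 dev tun0
]

if __name__ == "__main__":
    for name, table in (("broken", BROKEN), ("fixed", FIXED)):
        print(f"{name}: 4.2.2.1 -> {lookup(table, '4.2.2.1')}, "
              f"VPN server -> {lookup(table, VPN_SERVER)}, "
              f"tunnel survives: {tunnel_survives(table, VPN_SERVER)}")
```

The two /1 routes are more specific than the /0 default, so they take over all traffic without deleting it; this is the same layout OpenVPN's `redirect-gateway def1` option installs.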