iptables + openvpn + eth0 and tun0

shadyabhi · 01-15-2011, 04:30 AM

Basically, I want to use both connections for internet simultaneously. Its like, if I want to download without using openvpn, I use

Code:

curl --interface eth0 www.google.com

And if I want to do it with openvpn, I do

Code:

curl --interface tun0 www.google.com

Route table before connecting to VPN;

Code:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.100.98.0     *               255.255.255.0   U     1      0        0 eth0
default         10.100.98.4     0.0.0.0         UG    0      0        0 eth0

With VPN using this configuration http://dl.dropbox.com/u/7728421/torvpn-shadyabhi.ovpn

Code:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.0.1       10.10.54.230    255.255.255.255 UGH   0      0        0 tun0
10.10.54.230    *               255.255.255.255 UH    0      0        0 tun0
free-vpn.torvpn 10.100.98.4     255.255.255.255 UGH   0      0        0 eth0
10.100.98.0     *               255.255.255.0   U     1      0        0 eth0
default         10.10.54.230    0.0.0.0         UG    0      0        0 tun0

After connecting to VPN by doing $sudo openvpn torvpn-shadyabhi.ovpn my all internet traffic goes through VPN gateway. But, I want a way so that I can use both eth0 and tun0 simultaneously.

Any ideas on how can I accomplish that?

mgbu · 01-17-2011, 12:08 PM

Quote:

Originally Posted by shadyabhi

After connecting to VPN by doing $sudo openvpn torvpn-shadyabhi.ovpn my all internet traffic goes through VPN gateway. But, I want a way so that I can use both eth0 and tun0 simultaneously.

Any ideas on how can I accomplish that?

Not sure what you mean by using both simultaneously. A packet can only be transmitted on one interface - which one do you want to use? You can only have one default route - yours is through tun0. You can change your default route to eth0 easily but you can't have more than one at a time.

xanthaos · 01-17-2011, 07:05 PM

Do you have a specific reason for needing to download from a vpn tunnel or are you wishing to increase bandwidth? If increasing bandwidth, this will be difficult, and usually requires use of an ether-channel, generally only available through high-end equipment such as Cisco switches and routers. If there are other reasons, I may not be able to help you with this one. Not sure if it's a tunnel issue or routing table issue.

shadyabhi · 01-18-2011, 03:44 AM

Quote:

Originally Posted by xanthaos

Do you have a specific reason for needing to download from a vpn tunnel or are you wishing to increase bandwidth? If increasing bandwidth, this will be difficult, and usually requires use of an ether-channel, generally only available through high-end equipment such as Cisco switches and routers. If there are other reasons, I may not be able to help you with this one. Not sure if it's a tunnel issue or routing table issue.

Its a routing issue. I am not able to use iptables for conditional routing.
And, I dont want to increase bandwidth as my VPN is also running from the same internet connection so there is no way I can increase my bandwidth.