Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 12-13-2013, 02:58 AM   #1
LQ Newbie
Registered: Mar 2004
Location: LinuxCountry
Distribution: CentOS/RHEL
Posts: 2

Rep: Reputation: 0
Question Routing question

Hi all,
We have 2 LAN connected via OpenVPN tunnel (mode p2p).
On LAN-2, there is a 3rd LAN connected to 2nd via Linux box ( in attached image).

From LAN-1 ( I can ping any host of LAN-2 (

From LAN-2, I can ping any host of LAN-3 (

So my question how to route traffic from LAN-1 to LAN-3? I would like to reach LAN-3's hosts from LAN-1.

Attached Thumbnails
Click image for larger version

Name:	network-vpn-question.png
Views:	23
Size:	177.7 KB
ID:	14196  
Old 12-13-2013, 09:04 AM   #2
Senior Member
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350

Rep: Reputation: 127Reputation: 127
On firewall/router in LAN-1 add a static route to LAN-2
Taken from memory, you'll want to check the syntax:
route add -net netmask (I assume that's the ip of router on LAN-2)
Old 12-13-2013, 09:58 PM   #3
Registered: Sep 2003
Location: ky
Distribution: gentoo
Posts: 397

Rep: Reputation: 32
google quagga it is very cool. Would help more but just learning linux dynamic routing
Old 12-15-2013, 04:51 PM   #4
Registered: Jan 2003
Location: Cambridgeshire, UK
Distribution: Mint (Desktop), Debian (Server)
Posts: 876

Rep: Reputation: 184Reputation: 184
Any device acting as router must have routing information by which to route. There are different types of route in the route table. Connected routes (aka local or direct routes) are implied by the configuration of the interface. i.e. Host knows it has a route available via its ethernet port because you have literally told it by configuring it.

Indirect routes are those in which the host does not personally belong. So cannot infer knowledge about from its local network memberships. It somehow has to learn about where this network is located and how to get to it.

This can be done by a adding a Static route, which is put into the config of the host to tell it how to reach this indirect route e.e gw 192.168.53.x. Alternatively you can tell it how to reach all indirect routes, if there is only one path out of the local network, by adding a default-route In most desktop operating systems this is basically the default gateway.

Remember that routes are unidirectional. needs a route to reach 192.168.63.x but likewise needs a route configured to get to 192.168.43.x. Each node only knows about the networks it is a member of unless you tell it about others.

The alternative to static routes, which I'm sure you will have guessed by now don't really scale very well (the internet is running at around 475,000 routes at the moment) is to use a dynamic routing protocol such as RIP, OSPF or BGP. These protocols allow to "talk" to each other and thus exchange information about the networks they can reach.

This is where quagga comes in as it provides the routing deamons that allow these routing protocols to function.

That being said, each of these protocols has its own peculiarities and learning curve and I'm not sure its really justified by the small size of your network.

SO you really just need to ensure that each host has a default route to their respective "router" (which any device that is forwarding packets between networks) and each router has either connected or static routes to all networks.

You would add static routes, these days on modern kernels, by using route add -net gw <next hop>

Next hop will either be the exit interface in the case of the vpn tunnel as its point-to-point it only has one end point, or for a LAN because there are many hosts available the IP address of the next hop router.

Last edited by baldy3105; 12-15-2013 at 04:56 PM.
Old 12-17-2013, 09:08 PM   #5
LQ Newbie
Registered: Dec 2013
Location: Oregon
Distribution: Debian, RHEL, SLES, Mint
Posts: 6

Rep: Reputation: Disabled
In cisco speak it would be a route statement of "ip route" on the box. Assuming .1 is also the 43 network's default gateway.

I would design the network differently to avoid this kind of issue. Hub and spoke connecting each class C as example. Then each /24 is a local connected and routing decisions are trivial.

Last edited by xplorn; 12-17-2013 at 09:09 PM.


openvpn, routing

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Routing question naghi32 Linux - Networking 3 12-25-2008 06:55 PM
Routing Question Pryach Linux - Networking 7 03-07-2006 08:19 PM
routing question jeffvph Linux - Networking 9 07-24-2005 08:09 PM
IP Routing Question yvesg Linux - Networking 2 05-11-2004 07:13 AM
Routing question palanisaravanan Linux - Newbie 1 03-22-2004 05:26 AM

All times are GMT -5. The time now is 07:14 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration