Hello,

I've got a wrong routing in my routing table.
I'm not sure how it got there.
80.0.0.0/8 dev ipsec0 proto kernel scope link src 80.x.x.x
where 80.x.x.x is the ip address of the ADSL

A trace of what's happening with rtmon showed that it reappears every time the ADSL-connection is reconnected.
That's when the IPSec interfaces are added, because the ADSL is also used for IPSec connections.

rtmon trace says:
broadcast 80.0.0.0 dev ipsec0 table local kernel scope link src 80.x.x.x
(where 80.x.x.x is the ip address of the ADSL).

/var/log/messages says at the same timestamp:
adding interface ipsec0/ppp3 80.x.x.x:500
adding interface ipsec0/ppp3 80.x.x.x:4500
(where 80.x.x.x is the ip address of the ADSL).

I guess the adding of those interfaces is what adds the routing,
but I think it ought to be with a subnet /32, at least not /8.

How can I influence that?
In which files could those settings be?

We are using webmin to change all the settings, so I can't see what I'm really doing.

Any help would be greatly appreciated.

Katrin

Is this something that is not working properly? Or does it just "not look right" to you? 80.x is in the class A (/8) range..so unless it has been further subnetted that is correct. Does the interface receive it's address via DHCP or is it static? If it is given via DHCP and it's not working properly you will need to take it up with the telco. If it is static what is the subnet mask supposed to be? Certainly not 255.255.255.255 (/32). I don't know what you mean by it being configured by webmin..is it a router or server or what? What distribution is it running? What services is it running? Can you connect TO it from the outside? Can you connect FROM it to the outside? I guess I don't understand what issues you're having..if any at all.

Thanks for your answer.

The problem is the following:
That router has an IP-Sec connection via ppp3 AND it needs to be reached from the "normal" Internet via ppp3.
If one of those "normal" Internet- Addresses happens to start with 80 it's not routed back to ppp3, but to ipsec0. So the SynAck never reaches it's destination.
Everything works normally if the internet-addresses start with a different number, that's why we hadn't noticed the problem up to now.

The 80.x.x.x IP-Address is from the provider, it's assigned when the PPPoE is connected. Since it's a DSL connection, it only has that one IP-Address.

Webmin is a kind of GUI, which we're using instead of editing the .conf-Files themselves.
I could also edit the .conf files, but I don't have the proper knowledge yet.

We're buying those routers from a company which basically tells us how to set up the routers, but they don't have an answer for me either.
The OS is Linux 2.6.32.45

Do you know how I can find out which of the programs is responsible to add that routing?
If the problem is in one of the scripts that company uses, I might not have a chance to find out.