On Fri, Dec 29, 2006 at 07:29:27PM +0530, Ritesh Raj Sarraf wrote:
> Hi,

Hi,

>
> I have two network interfaces on my laptop (eth1 wired + eth2 wireless) and
> both are connected to the network. On eth2, to get things working, I need to
> run VPN (using vpnc) which adds another tunneling interface tun0.
>
> I'm looking for a clean way to mandate in my configuration:
> a) All traffic for 10.x.x.x should go through eth1
> b) As for the rest, use eth2 i.e. tun0.
>
> Are there any utilities which can help ?
>
> Here's my routing table when only eth1 (the wired ethernet device) is
> activated.
>
> geeKISSexy:~# route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 10.73.16.0      0.0.0.0         255.255.252.0   U     0      0        0 eth1
> 172.16.0.0      0.0.0.0         255.255.0.0     U     0      0        0 tap0
> 0.0.0.0         10.73.16.1      0.0.0.0         UG    0      0        0 eth1
>
>
> And this is when eth2 (the wireless device) gets activated. After eth2 is up,
> it executed vpnc from post-up.
>
> geeKISSexy:~# ifup eth2=eth2foo
> Internet Software Consortium DHCP Client 2.0pl5
> Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium.
> All rights reserved.
>
> Please contribute if you find this software useful.
> For info, please visit http://www.isc.org/dhcp-contrib.html
>
> sit0: unknown hardware address type 776
> eth0: unknown hardware address type 24
> sit0: unknown hardware address type 776
> eth0: unknown hardware address type 24
> Listening on LPF/eth2/00:13:02:b7:7a:7e
> Sending on   LPF/eth2/00:13:02:b7:7a:7e
> Sending on   Socket/fallback/fallback-net
> DHCPREQUEST on eth2 to 255.255.255.255 port 67
> DHCPACK from 10.73.36.3
> bound to 10.73.36.230 -- renewal in 129600 seconds.
> VPNC started in background (pid: 13917)...
>
> geeKISSexy:~# route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 202.3.112.38    10.73.16.1      255.255.255.255 UGH   0      0        0 eth1
> 10.73.16.0      0.0.0.0         255.255.252.0   U     0      0        0 eth1
> 10.73.36.0      0.0.0.0         255.255.252.0   U     0      0        0 eth2
> 172.16.0.0      0.0.0.0         255.255.0.0     U     0      0        0 tap0
> 0.0.0.0         10.73.16.1      0.0.0.0         UG    0      0        0 eth1

Where is the 'tun0' in above routing table (or you dumped routing table too
early) ?

>
>
> So currently, still everything is being routed through eth1. Surprisingly (or
> maybe not) all is being routed through VPN which was fired in the post-up of
> eth2
>
> What I'm looking for is to know, what changes do I need to make into this
> routing table so that:
> a) All 10.x.x.x related traffic passes through eth1
> b) As for the rest (and default route) passes through eth2

What will be your gateway when rest of the traffic is routed through eth2 ?

-- begin script --
netstat -ra |tail -n +3 |awk '{ print "route del -net "$1" netmask "$3" dev "$8 }' |sh
-- end script --

You can use above command line to flush your routing table (during post vpnc
phase), and then you can manually add desired routing table entries. Or you can
hack above script, to avoid touching your 'tun0' entries, and finally manually
adding routing entry for eth1.

>
> Thanks,
> Ritesh
> --
> Ritesh Raj Sarraf
> RESEARCHUT - http://www.researchut.com
> "Necessity is the mother of invention."
> "Stealing logic from one person is plagiarism, stealing from many is
> research."
> "The great are those who achieve the impossible, the petty are those who
> cannot - rrs"
>
>

Thanks
Ashish Shukla

P.S. I've never played with tunnelling network interfaces, so I might be
totally wrong.
--
Ashish Shukla  "Wah Java !!"
आशीष शुक्ल                                  ,= ,-_-. =.
webpages: http://wahjava.googlepages.com   ((_/)o o(\_))
weblog: http://wahjava.wordpress.com        `-'(. .)`-'
PGP: 1E00 4679 77E4 F8EE 2E4B 56F2 1F2F 8410 762E 5E74  \_/

_______________________________________________
ilugd mailinglist -- ilugd@lists.linux-delhi.org
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi
http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
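
The second option from the reply above (leave the 'tun0' entries alone, then add the eth1 route by hand), sketched as an added example that is not part of the original thread: it reads `route -n` output and prints the route commands instead of running them, and it refuses to plan anything when no tun0 row is present, which is the case the reply asks about. Assumptions: the names `plan_routes` and `sample_table` are hypothetical, the tun0 row in the sample is constructed (the tables in the thread have none), host routes and directly connected networks are kept, and the default is pointed at the tunnel with `route add default dev tun0`.

```shell
#!/bin/sh
# Added example: prints a route plan, it does not change the routing table.
# Usage: route -n | plan_routes TUNNEL_IF WIRED_IF WIRED_GW

plan_routes() {
    awk -v tun="$1" -v wired="$2" -v gw="$3" '
        # Parse table rows only; this skips both header lines.
        $1 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ || NF < 8 { next }
        # Never touch tunnel entries; note whether the tunnel already has a default.
        $8 == tun { seen = 1; if ($1 == "0.0.0.0" && $3 == "0.0.0.0") tun_default = 1; next }
        $4 ~ /H/ { next }            # keep host routes (the VPN peer stays off the tunnel)
        { via = ($2 == "0.0.0.0") ? "" : " gw " $2 }
        $1 == "0.0.0.0" && $3 == "0.0.0.0" { plan = plan "route del default" via " dev " $8 "\n"; next }
        $2 == "0.0.0.0" { next }     # keep directly connected networks
        { plan = plan "route del -net " $1 " netmask " $3 via " dev " $8 "\n" }
        END {
            if (!seen) exit 1        # tunnel not in the table: plan nothing
            printf "%s", plan
            print "route add -net 10.0.0.0 netmask 255.0.0.0 gw " gw " dev " wired
            if (!tun_default) print "route add default dev " tun
        }
    ' || { echo "no $1 routes in table; was it dumped before vpnc finished?" >&2; return 1; }
}

# Second table from the thread, plus one constructed tun0 row (192.168.50.0).
sample_table() {
    cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
202.3.112.38    10.73.16.1      255.255.255.255 UGH   0      0        0 eth1
10.73.16.0      0.0.0.0         255.255.252.0   U     0      0        0 eth1
10.73.36.0      0.0.0.0         255.255.252.0   U     0      0        0 eth2
172.16.0.0      0.0.0.0         255.255.0.0     U     0      0        0 tap0
192.168.50.0    0.0.0.0         255.255.255.0   U     0      0        0 tun0
0.0.0.0         10.73.16.1      0.0.0.0         UG    0      0        0 eth1
EOF
}

sample_table | plan_routes tun0 eth1 10.73.16.1
```

Review the printed plan before piping it to `sh`; the host route to 202.3.112.38 is left in place so the VPN's own packets keep leaving through eth1.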