As described here: > 10.0.13.2 dev tun0 proto kernel scope link src 10.0.13.1 > 10.0.13.0/24 via 10.0.13.2 dev tun0
You are not in the 10.0.13.0/24 entire network, I presume you are 10.0.13.1 in the 10.0.13.0/30 network, and 10.0.13.2 is the next hop. > ip route add 192.168.9.0/24 via 10.0.13.14 dev tun0 > and I got > RTNETLINK answers: Network is unreachable Yes, because you can only use gateways that are on the same net as you, and you are not on the 10.0.13.0/24. On Thursday 15 March 2007 06:50, Peter Rabbitson wrote: > Arx:~# ip addr > ... > 3: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000 > link/ether 00:04:e2:09:6c:ea brd ff:ff:ff:ff:ff:ff > inet 192.168.13.1/24 brd 192.168.13.255 scope global eth1 > ... > 5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,10000> mtu 1500 qdisc > pfifo_fast qlen 100 > link/[65534] > inet 10.0.13.1 peer 10.0.13.2/32 scope global tun0 > > Arx:~# ip route > A.A.A.B dev ppp0 proto kernel scope link src A.A.A.A > 10.0.13.2 dev tun0 proto kernel scope link src 10.0.13.1 > 10.0.13.0/24 via 10.0.13.2 dev tun0 > 192.168.13.0/24 dev eth1 proto kernel scope link src 192.168.13.1 > default dev ppp0 scope link > > > > CLIENT (192.168.9.11, machine behind a router) > > [EMAIL PROTECTED]:~# ip addr > ... > 2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000 > link/ether 00:11:09:8d:4f:c1 brd ff:ff:ff:ff:ff:ff > inet 192.168.9.11/24 brd 192.168.9.255 scope global eth0 > ... > 5: tun_arx: <POINTOPOINT,MULTICAST,NOARP,UP,10000> mtu 1500 qdisc > pfifo_fast qlen 100 > link/[65534] > inet 10.0.13.14 peer 10.0.13.13/32 scope global tun_arx > > [EMAIL PROTECTED]:~# ip route > 10.0.13.13 dev tun_arx proto kernel scope link src 10.0.13.14 > 10.0.13.1 via 10.0.13.13 dev tun_arx > 192.168.13.0/24 via 10.0.13.13 dev tun_arx > 192.168.9.0/24 dev eth0 proto kernel scope link src 192.168.9.11 > default via 192.168.9.1 dev eth0 > > > From the client ping 192.168.13.1 works as expected. I want to be able > to ping 192.168.9.20 from the server. So on the server I did: > ip route add 192.168.9.0/24 via 10.0.13.14 dev tun0 > and I got > RTNETLINK answers: Network is unreachable > > Then I tried both > ip route add 192.168.9.0/24 via 10.0.13.1 dev tun0 > ip route add 192.168.9.0/24 via 10.0.13.2 dev tun0 > which seem to work, but the icmp packets vanish in the tunnel. I checked > all my firewall settings and the ip_forward settings on both systems. I > looked at the tunnel with tcpdump - packets go in and never come out. > > Any suggestions? > > Thanks > Peter > > > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -- André Guimarães Databras Informática Matriz RJ - 55 (21) 2518-2363 Filial ES - 55 (27) 3233-0098 http://www.databras.com.br _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
