[K12OSN] K12OSN a bit OT - how to make responses on the same interface request came in

Julius Szelagiewicz julius at turtle.com
Thu Oct 30 17:34:55 UTC 2008


Terrell,
	Thank you for the speedy response. I see that I made my usual
mess when asking a simple question, so I'll try to clean it up:

server A: eth1 routable public address 74.x.x.x, frac T1,
	eth2 cable non-routable address 192.168.x.x, fast, default route
	openvpn run as server and client
server B: eth1 cable, non routable 10.10.x.x
	openvpn run as client only
server C: eth1 routable public address 65.x.x.x
	openvpn run as server and client
server D: eth1 routable public address 216.x.x.x
	openvpn run as server

server A connects as openvpn client to server D using default route and
to server C on 65.x.x.x using eth2 by way of a simple ip route add command.

server B connects as openvpn client to server C on 65.x.x.x

server B needs to connect as openvpn client to server A on 74.x.x.x, this
fails because on server A the UDP packets come on eth2, but responses go
on eth1. The address of server B is private (ISP provided) and changes
dynamically.

	What do I do to make server B connect to server A using openvpn?

I hope that is clearer. Btw, your answer is spot on for the question I
asked instead of the question I meant to ask.

julius



On Thu, 30 Oct 2008, "Terrell Prudé Jr." wrote:

>
> Julius Szelagiewicz wrote:
> > Dear Folks,
> > 	I am somewhat stumped with a simple networking scenario:
> > eth0 - internal,
> > eth1 - external fast, dhcp non-routable, default route,
> > eth2 - external public address not very fast.
> > 	I am using openvpn and for connections to other servers I can
> > easily specify which interface to use. What I need to do is to connect to
> > openvpn server process on eth2. Unfortunately packets come in on eth2 but
> > travel out on eth1 - default. Source based routing is no help, since I am
> > not just passing the packets based on the incoming interface, but I'm
> > trying to push responses on eth2. Essentially, on receipt on eth2 of a UDP
> > packet on port 1194 I need to answer with a UDP packet on port 1194 on
> > eth2.
> > 	The computers trying to connect have only private addresses from
> > cable ISPs.
> > 	Any suggestions? Please ...
> > julius
> >
>
> What I'd do is make a static route for this OpenVPN server, pointing to
> eth2's next hop.  Something like this:
>
>   thedude@linuxbox# route add -host w.x.y.z gw a.b.c.d
>
> where w.x.y.z is the OpenVPN box that you want to talk to, and a.b.c.d
> is eth2's next-hop router.  Now, if you have a bunch of OpenVPN boxes in
> the same subnet that you have to talk to--for example, the 44.55.66.0/24
> network, I'd do it like this:
>
>   thedude@linuxbox# route add -net 44.55.66.0 netmask 255.255.255.0 gw a.b.c.d
>
> where, again, a.b.c.d is eth2's next hop.
>
> --TP
> _______________________________
> Do you GNU <http://www.gnu.org>?
> Microsoft Free since 2003 <http://www.cmosnetworks.com>--the ultimate
> antivirus protection!
>
>
