[Gvpe] routing help

not icognito n.icognito at mail.com
Wed Jan 28 23:20:32 CET 2015


Hi,
 
I setup a working GVPE VPN with the full routing hints suggested in the GVPE README, but I'm fumbling with the routing. The GVPE nodes all communicate fine with each other with any of the 10.2.0.0/16 addresses on gvpe0 and eth0. I basically wish for my LAN (10.1.1.0/24) to communicate with the remote GVPE hosts via 10.1.1.13. With tshark, I can actually see icmp packets make it through to the remotes from my desktop (10.1.1.4), but the remotes do not reply. My first iptables rule on both remotes accept all gvpe0 traffic.

I think I'm missing a route for 10.1.1.0/24 on the remotes, but I haven't figured out what to add. Am I doing it all wrong? 


atlanta (remote, hosted VM)
  interfaces:
    gvpe0 10.2.3.1/16, eth0 10.2.3.2/24 (probably don't need eth0 here)
  routing:
    10.2.0.0/16 via 10.2.3.1 dev gvpe0 
    10.2.3.0/24 dev eth0  proto kernel  scope link  src 10.2.3.2 
 
buffalo  (remote, hosted VM)
  interfaces:
    gvpe0 10.2.2.1/16, eth0 10.2.2.2/24 (probably don't need eth0 here)
  routing:
    10.2.0.0/16 via 10.2.2.1 dev gvpe0
    10.2.2.0/24 dev eth0 proto kernel scope link src 10.2.2.2
 
brooklyn (local, GVPE GW with ip forwarding enabled)
  interfaces:
    gvpe0 10.2.5.1/16, eth0 10.2.5.2/24, eth0 10.1.1.13/24
  routing:
    10.1.1.0/24 dev eth0 proto kernel scope link src 10.1.1.13
    10.2.0.0/16 via 10.2.5.1 dev gvpe0
    10.2.5.0/24 dev eth0 proto kernel scope link src 10.2.5.2

router (local, static route to the GVPE GW)
  interface:
    switch0 10.1.1.1/24
  routing:
    10.1.1.0/24 dev switch0  proto kernel  scope link  src 10.1.1.1
    10.2.0.0/16 via 10.1.1.13 dev switch0  proto zebra



More information about the gvpe mailing list