Re: track tunnel connections

Linux Advanced Routing and Traffic Control


 



petrch@xxxxxxxxx wrote:

I have this:

publicIP(server)-netA--internet(netC)--netB--172.26.3.0/24

I have a tunnel between netA and netB. The tunnel is for managing some network devices that are using private IPs from network 172.26.3.0/24. Now if I ping from publicIP (it could be a server with nagios), the echo request packet is routed through the tunnel and reaches 172.26.3.1 (device), but the echo reply is routed via the default route on the netB gateway and NATed out to the internet.

Question: Could I somehow discover that the echo request traveled by tunnel so the reply should take the same way?



What tunneling technology are you using (IPIP, GRE, VPN (ESP/AH/PPTP/...))?


Normally you'd configure the tunnel endpoint routers at both sites to have reciprocal routing entries for each other's subnet. Also configure on the endpoint hosts a black hole routing entry with a higher metric than the tunnel, so that "Network Unreachables" are correctly returned in the event the tunnel is not configured / down. This is also one measure you can use to stop tunneled data from accidentally escaping onto the Internet.

But your subnets need to be correctly configured around the endpoint router so no discovery of the route is necessary by the hosts on the subnet.


So I ask: Does your network topology really need to be able to discover tunnel(s)? Routing protocols exist for this very application, but they generally are to allow two routers to discover each other's routes, not for hosts to discover routes. It's not clear if the issue of route discovery is really your problem or just the subnets aren't configured correctly?



Darryl



_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
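
Added example, not part of the original message: a shell check over `ip route show` output for the two routes the reply describes, a route for the remote subnet via the tunnel plus a higher-metric reject route. The device name `tun0`, the metrics and the sample routing table are assumptions; iproute2's `unreachable` route type is shown because it returns an ICMP unreachable, whereas `blackhole` drops silently.

```sh
#!/bin/sh
# Added example: audit `ip route show` text for the two routes the reply describes.
# Assumed: tunnel device tun0, metrics 10/200; 172.26.3.0/24 is from the thread.
# Routes the check expects on the netA endpoint (iproute2 syntax):
#   ip route add 172.26.3.0/24 dev tun0 metric 10
#   ip route add unreachable 172.26.3.0/24 metric 200

# check_tunnel_routes PREFIX DEV   (reads `ip route show` output on stdin)
#   0: PREFIX goes via DEV and a higher-metric reject route backs it up
#   1: no route for PREFIX via DEV
#   2: no usable reject route, so PREFIX follows the default route when DEV is down
check_tunnel_routes() {
    awk -v prefix="$1" -v dev="$2" '
        function metric_of(   i) {
            for (i = 1; i < NF; i++)
                if ($i == "metric") return $(i + 1) + 0
            return 0    # ip omits the metric field when it is 0
        }
        $1 == prefix {
            for (n = 2; n < NF; n++)
                if ($n == "dev" && $(n + 1) == dev) { tun = 1; tun_metric = metric_of() }
        }
        ($1 == "unreachable" || $1 == "blackhole" || $1 == "prohibit") && $2 == prefix {
            rej = 1; rej_metric = metric_of()
        }
        END {
            if (!tun) exit 1
            if (!rej || rej_metric <= tun_metric) exit 2
            exit 0
        }'
}

# Constructed sample of `ip route show` output (addresses from documentation ranges).
SAMPLE_ROUTES='default via 198.51.100.1 dev eth0
172.26.3.0/24 dev tun0 scope link metric 10
unreachable 172.26.3.0/24 metric 200
198.51.100.0/24 dev eth0 proto kernel scope link src 198.51.100.7'

if printf '%s\n' "$SAMPLE_ROUTES" | check_tunnel_routes 172.26.3.0/24 tun0; then
    echo "172.26.3.0/24: tunnel route and fallback reject route present"
else
    echo "172.26.3.0/24: routing check failed"
fi
```

On a live endpoint, pipe the real table in with `ip route show | check_tunnel_routes 172.26.3.0/24 tun0` and treat exit status 2 as the case where tunneled traffic can leave via the default route.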
