Dan Fruehauf asked:
Well, this is a rather awkward inquiry and I’m pretty pessimistic about it, but lets see what the community has to say.
A server connecting to multiple VPN endpoints doing all sort of stuff.
The same IP can be assigned to multiple devices.
Be able to route traffic successfully through each of these devices with the same IP address.
In the following scenario:
tun0: 192.168.200.10 192.168.200.1 tun1: 192.168.200.11 192.168.200.1 tun2: 192.168.200.12 192.168.200.1
No problems. Using Linux’s sources based routing things work like a charm.
However, since I don’t control from the client side the IP address I’m going to be assigned, I might get:
tun0: 192.168.200.10 192.168.200.1 tun1: 192.168.200.10 192.168.200.1 tun2: 192.168.200.10 192.168.200.1
And here comes the problem. Is there a way to control routing tables per interface regardless of IP?
Currently each interface that goes up gets another entry in */etc/iproute2/rt_tables* such as:
100 tun0 101 tun1 102 tun2
Then the following for each device:
ip rule add from 192.168.200.X iif tunX table tunX ip route add default via 192.168.200.1 table tunX
In order to test it I’m using ‘curl –interface tunX’.
The first interface more or less “wins” the routing decision.
I want the right interface to win.
Theoretically I’m well aware I’m doing something many would consider wrong. However I’d like to know if there is a way around it, because I think there is.
Any ideas about it? Perhaps iptables fwmark could help if at all?
You can’t use the same IP address on two different interfaces without something breaking, and there are no good “workarounds”. One or more of the networks will have to renumber.
(Oh, and now it’s time to get yourself some IPv6, which doesn’t have this problem.)
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.