Routing IPs through tunnel, traffic back out same tunnel?



  • Hello,

    I run a few datacenters around the United States and Europe. I run Cisco gear, obviously, so I've created a GRE tunnel between 2 of my datacenters, and I've basically static routed an IP block through that tunnel.

    So there is a tunnel between Santa Clara and my home in Las Vegas, and another from Dallas to Las Vegas.

    I run fiber to the home, so I have a 1 Gbps line, and then a secondary 100 meg backup line.

    I've simply just got a /29 routed through the tunnel from Santa Clara and my home. So if you were to ping that outside address, it would come through to my server. However, when routing back out, it does not take the same path.

    
    [root@server ~]# ip a s
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
        link/ether d2:1e:00:12:98:78 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet yyy.yyy.yyy.43/29 brd yyy.yyy.yyy.47 scope global eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::d01e:ff:fe12:9878/64 scope link 
           valid_lft forever preferred_lft forever
    [root@server ~]# route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         yyy.yyy.yyy.41    0.0.0.0         UG    0      0        0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U     1007   0        0 eth0
    192.64.72.33    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
    192.64.72.40    0.0.0.0         255.255.255.248 U     0      0        0 eth0
    

    But if I run a simple curl on the server to the outside:

    
    [root@server ~]# curl https://ip.innoscale.net
    
    <title>InnoScale</title>
    
    <center>![](innoscale_logoweb.jpg)
    
    Your IP address: xxx.xxx.xxx.121
    </center>
    
    

    Is there a way to route specific traffic from this /29 of IPs back out the path it came?

    I appreciate your time on this matter. I am trying not to install a Cisco router to do the job, though I think that may be what is going to be required to do what I am trying to do.

    CPU Type Intel(R) Atom(TM) CPU C2758 @ 2.40GHz
    8 CPUs: 1 package(s) x 8 core(s)
    AES-NI CPU Crypto: Yes (active)
    Hardware crypto AES-CBC,AES-XTS,AES-GCM,AES-ICM
    Kernel PTI Enabled
    Memory usage
    6% of 16309 MiB

    Thanks,

    Michael



  • Well darn…  Was hoping someone had been doing this before.

    Was hoping not to go Cisco for this.  I guess I will look at a Cisco ASR1k or maybe a 900.