Netgate Discussion Forum
    Routing IPs through tunnel, traffic back out same tunnel?

      arisythila

      Hello,

      I run a few datacenters around the United States and Europe. I run Cisco gear, obviously, so I've created a GRE tunnel between 2 of my datacenters, and I've basically static routed an IP block through that tunnel.

      So there is a tunnel between Santa Clara and my home in Las Vegas, and another from Dallas to Las Vegas.

      I run fiber to the home, so I have a 1 Gbps line, and then a secondary 100meg backup line.

      I've simply just got a /29 routed through the tunnel from Santa Clara, and my home. So if you were to ping that outside address, it would come through to my server; however, routing back out, it does not take the same path.

      
      [root@server ~]# ip a s
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
          inet 127.0.0.1/8 scope host lo
             valid_lft forever preferred_lft forever
          inet6 ::1/128 scope host 
             valid_lft forever preferred_lft forever
      7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
          link/ether d2:1e:00:12:98:78 brd ff:ff:ff:ff:ff:ff link-netnsid 0
          inet yyy.yyy.yyy.43/29 brd yyy.yyy.yyy.47 scope global eth0
             valid_lft forever preferred_lft forever
          inet6 fe80::d01e:ff:fe12:9878/64 scope link 
             valid_lft forever preferred_lft forever
      [root@server ~]# route -n
      Kernel IP routing table
      Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
      0.0.0.0         yyy.yyy.yyy.41    0.0.0.0         UG    0      0        0 eth0
      169.254.0.0     0.0.0.0         255.255.0.0     U     1007   0        0 eth0
      192.64.72.33    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
      192.64.72.40    0.0.0.0         255.255.255.248 U     0      0        0 eth0
      

      But if I run a simple curl on the server to the outside:

      
      [root@server ~]# curl https://ip.innoscale.net
      
      <title>InnoScale</title>
      
      <center>![](innoscale_logoweb.jpg)
      
      Your IP address: xxx.xxx.xxx.121
      </center>
      
      

      Is there a way to route specific traffic from this /29 of IPs back out the path it came?

      I appreciate your time on this matter. I am trying not to install a Cisco router to do the job, though I think that may be what is going to be required to do what I am trying to do.

      CPU Type Intel(R) Atom(TM) CPU C2758 @ 2.40GHz
      8 CPUs: 1 package(s) x 8 core(s)
      AES-NI CPU Crypto: Yes (active)
      Hardware crypto AES-CBC,AES-XTS,AES-GCM,AES-ICM
      Kernel PTI Enabled
      Memory usage
      6% of 16309 MiB

      Thanks,

      Michael

        arisythila

        Well darn… Was hoping someone had been doing this before.

        Was hoping not to go Cisco for this. I guess I will look at a Cisco ASR1k or maybe a 900.
