Configuring routing table with 2 network interfaces

Tags: ip-routing, routing

I have a Linux server with two network interfaces: eth0 (connected to the internet using a public IP address A.B.C.208) and eth1 (not connected to anything, bound to a private IP address 10.U.V.159). The private network part is required because I configured a VPN (OpenSwan) whose configuration requires it.

My OpenSwan VPN links my 10.U.V.* private network to a remote 10.X.Y.* private network. The VPN link is established and works fine.

But when I ping a server on the remote 10.X.Y.* network, I need to force the source interface to eth1 to make it work:

$ ping -I eth1 10.X.Y.31
PING 10.X.Y.31 (10.X.Y.31) from 10.U.V.159 eth1: 56(84) bytes of data.
64 bytes from 10.X.Y.31: icmp_seq=1 ttl=60 time=29.0 ms
...

Otherwise the OpenSwan/VPN won't reroute the ping.

How can I configure my server to automatically set the source address to eth1/10.U.V.159 when accessing any 10.X.Y.* address? Should I add a route? I do not want to interfere with the VPN's own routing mechanism…

My routing table:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         A.B.C.254       0.0.0.0         UG    0      0        0 eth0
10.U.V.0        *               255.255.255.0   U     0      0        0 eth1
A.B.C.0         *               255.255.255.0   U     0      0        0 eth0

Best Answer

10.X.Y.31 doesn't exist in your routing table. So the default route is used, and the packet is sent by eth0. If you want to send it by eth1, you will need to have the next gateway; you could use the route add -net 10.X.Y.0 netmask 255.255.255.0 gw 10.U.V.159 command.

It may be a mask problem; the 10.0.0.0 network is usually a /8.
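
The lookup described in the answer, as an added example that is not part of the original question or answer: a longest-prefix match over the posted routing table, showing why a 10.X.Y.* destination leaves through eth0 with eth0's source address, and how a more specific route carrying a preferred source changes that. Assumptions: the concrete addresses are constructed stand-ins for the masked ones, the table is written in route -n numeric form, and the source hint models the src attribute of iproute2's ip route rather than the route add ... gw command the answer suggests.

```python
import ipaddress

# Constructed stand-ins for the masked addresses on the page:
# A.B.C.* -> 203.0.113.*, 10.U.V.* -> 10.1.2.*, 10.X.Y.* -> 10.8.9.*
ROUTE_TABLE = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         203.0.113.254   0.0.0.0         UG    0      0        0 eth0
10.1.2.0        0.0.0.0         255.255.255.0   U     0      0        0 eth1
203.0.113.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
"""
# Primary address of each interface (constructed).
IFACE_ADDR = {"eth0": "203.0.113.208", "eth1": "10.1.2.159"}


def parse_routes(text):
    """Parse route -n style output into (network, iface, preferred_src) tuples."""
    routes = []
    for line in text.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 8:
            continue
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        routes.append((net, f[7], None))  # the legacy table has no source hint
    return routes


def lookup(routes, dst):
    """Longest-prefix match; return (iface, source address) chosen for dst."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in routes if dst in r[0]]
    if not matches:
        raise LookupError(f"no route to {dst}")
    net, iface, src = max(matches, key=lambda r: r[0].prefixlen)
    # Without a source hint, the outgoing interface's own address is used.
    return iface, src or IFACE_ADDR[iface]


def with_src_route(routes, prefix, iface, src):
    """Return a copy of the table plus one route carrying a source hint."""
    return routes + [(ipaddress.ip_network(prefix), iface, src)]


if __name__ == "__main__":
    table = parse_routes(ROUTE_TABLE)
    print("before:", lookup(table, "10.8.9.31"))
    fixed = with_src_route(table, "10.8.9.0/24", "eth1", IFACE_ADDR["eth1"])
    print("after: ", lookup(fixed, "10.8.9.31"))
```

With the posted table, only the default route matches the remote network, so the packet carries the public source address and does not match a VPN policy defined between the two private networks.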