Linux – Using the IPs on OVH server via GRE

centosgrelinuxlinux-networkingnetworking

I can't route my IPs into a OVH server, can you help me to find the problem?

Mikrotik GRE IP: 192.168.55.10
OVH Server GRE IP: 192.168.55.20
GRE iface name: ali1_fr1-ovz1
IP to route from Mikrotik to OVH Server: 185.47.128.50 (I want use this IP in a VZ container)

Ping from Mikrotik to OVH GRE IP -> GRE OK

ping 192.168.55.20
HOST                                     SIZE TTL TIME  STATUS                   
192.168.55.20                              56  64 28ms 
192.168.55.20                              56  64 28ms 
192.168.55.20                              56  64 28ms 
    sent=3 received=3 packet-loss=0% min-rtt=28ms avg-rtt=28ms max-rtt=28ms

Traceroute from Mikrotik to the routed IP -> via GRE, Route OK 

 # ADDRESS                          LOSS SENT    LAST     AVG    BEST   WORST
 1 192.168.55.20                      0%    6  28.4ms    28.3    28.2    28.4
 2 185.47.128.50                      0%    5  28.2ms    28.3    28.2    28.7

Ping from the OVH Server to the IP, the IP is assigned to a VZ container -> local ping, OK

# ping 185.47.128.50
PING 185.47.128.50 (185.47.128.50) 56(84) bytes of data.
64 bytes from 185.47.128.50: icmp_seq=1 ttl=64 time=0.019 ms

Ping from to OVH Server to the Mikrotik GRE IP: -> GRE OK

# ping 192.168.55.10
PING 192.168.55.10 (192.168.55.10) 56(84) bytes of data.
64 bytes from 192.168.55.10: icmp_seq=1 ttl=64 time=28.1 ms

route on OVH server (OpenVZ server, 185.47.128.50 is the container)

[root@fr1-ovz1 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
185.47.128.50   0.0.0.0         255.255.255.255 UH    0      0        0 venet0
192.168.55.10   0.0.0.0         255.255.255.255 UH    0      0        0 ali1_fr1-ovz1
94.23.252.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
0.0.0.0         94.23.252.254   0.0.0.0         UG    0      0        0 eth0

Ping from Internet to the routed IP: -> timeout 🙁

PING 185.47.128.50 (185.47.128.50) 56(84) bytes of data.

--- 185.47.128.50 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 5454ms

Any idea?
Thanks!

Best Answer

Your description isn't very clear about the traffic flow, but I would say the return route from the server is going directly to the internet, and is filtered down.

you can prove or disprove it, by running tcpdump on the interface on the server, you should see the ping from the internet coming, but the answer isn't going through the tunnel, it is going through eth0 directly instead.

Related Topic