
Kernel routing table question



I have a routing table question for all of you.  I just swapped my main home router, which originally was a Linksys
running OpenWRT (based on kernel 2.4.30) and is now a full computer running Stretch and kernel 4.9.41.

I have a VPN server inside my network where hosts are 10.100.0.0/24 and my internal network is 10.0.0.0/24.  When I ran
my old router, I specified a static route to the VPN network on the router itself (not on any of the internal network
machines):

route add -net 10.100.0.0/24 gw <VPNServerIP>

This worked fine, all machines had access to the VPN clients and VPN clients had access to the internal network.

After the upgrade I did the same thing but it doesn't work.  I can trace packets through the network.  If a VPN client
sends out a ping to an internal machine, the ping traverses the VPN server, exits onto the internal network, is sent to
the internal client, that client then replies but the internal client sends the reply to the default gateway (10.0.0.1)
instead of rerouting back to the VPN server as the static route dictates.  There's no evidence of an ICMP redirect
occurring or other similar information.

Now, interestingly I can ping outbound from the internal network to the VPN clients where I do see the ICMP redirect.
On top of that, if I immediately start a ping from the VPN client into the same internal client, it works.  Once the
internal client stops the pings, it'll eventually stop working.

I'm completely lost why the router is not redirecting the packets.  As far as I can tell, I've duplicated everything
from the old to the new.  The iptables configuration was copied from one to the other exactly (iptables-save on one,
iptables-restore on the other).  If you have any thoughts and/or suggestions for other lists/forums to ask I would
greatly appreciate it.

