Server 1:
iptunnel add tun0 mode ipip remote 1.1.1.1 local 2.2.2.2
ifconfig tun0 10.0.0.1 pointopoint 10.0.0.2 up
ip route add 192.168.2.0/24 via 10.0.0.2
--------------
eth0 Link encap:Ethernet HWaddr
inet addr:2.2.2.2 Mask:255.255.255.252
inet6 addr: Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:43848310 errors:0 dropped:0 overruns:0 frame:0
TX packets:28369476 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4168951541 (3.8 GiB) TX bytes:2110131553 (1.9 GiB)
Interrupt:10 Base address:0xc400
eth1 Link encap:Ethernet HWaddr
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7551804 errors:0 dropped:0 overruns:0 frame:0
TX packets:20949948 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:873692956 (833.2 MiB) TX bytes:834171726 (795.5 MiB)
eth1:0 Link encap:Ethernet HWaddr
inet addr:192.168.9.1 Bcast:192.168.9.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:49991 errors:0 dropped:0 overruns:0 frame:0
TX packets:48813 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2055529 (1.9 MiB) TX bytes:2973418 (2.8 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6881 errors:0 dropped:0 overruns:0 frame:0
TX packets:6881 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:286827 (280.1 KiB) TX bytes:286827 (280.1 KiB)
tun0 Link encap:IPIP Tunnel HWaddr
inet addr:10.0.0.1 P-t-P:10.0.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MTU:1480 Metric:1
RX packets:49991 errors:0 dropped:0 overruns:0 frame:0
TX packets:48813 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2055529 (1.9 MiB) TX bytes:2973418 (2.8 MiB)
--------------
/sbin/iptables -t nat -A PREROUTING -p ICMP -i tun0 -d 192.168.9.2 -j DNAT --to-destination 192.168.1.2
--------------
Server 2:
iptunnel add tun0 mode ipip remote 2.2.2.2 local 1.1.1.1
ifconfig tun0 10.0.0.2 pointopoint 10.0.0.1 up
ip route add 192.168.9.0/24 via 10.0.0.1
---------------
eth2 Link encap:Ethernet HWaddr
inet addr:1.1.1.1 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:38320624 errors:0 dropped:0 overruns:0 frame:0
TX packets:54385885 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2125119880 (2026.6 Mb) TX bytes:1601569074 (1527.3 Mb)
Interrupt:11 Base address:0xb000
eth3 Link encap:Ethernet HWaddr
inet addr:192.168.2.101 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:21887159 errors:0 dropped:0 overruns:12 frame:0
TX packets:19651337 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1247344990 (1189.5 Mb) TX bytes:1471694665 (1403.5 Mb)
Interrupt:10 Base address:0xa800
eth4 Link encap:Ethernet HWaddr
inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:60532231 errors:0 dropped:0 overruns:0 frame:0
TX packets:38284567 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:3058589180 (2916.8 Mb) TX bytes:2211805396 (2109.3 Mb)
Interrupt:9 Base address:0xa400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:17291 errors:0 dropped:0 overruns:0 frame:0
TX packets:17291 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1323427 (1.2 Mb) TX bytes:1323427 (1.2 Mb)
tun0 Link encap:IPIP Tunnel HWaddr
inet addr:10.0.0.2 P-t-P:10.0.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MTU:1480 Metric:1
RX packets:48791 errors:0 dropped:0 overruns:0 frame:0
TX packets:50040 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1996234 (1.9 Mb) TX bytes:3058191 (2.9 Mb)
---------------
ip route list
10.0.0.1 dev tun0 proto kernel scope link src 10.0.0.2
1.1.1.1/29 dev eth2 scope link
10.0.0.0/24 via 10.0.0.2 dev tun0
192.168.2.0/24 dev eth3 scope link
192.168.1.0/24 dev eth4 scope link
1.1.1.0/24 dev eth0 scope link
192.168.9.0/24 via 10.0.0.1 dev tun0
169.254.0.0/16 dev eth4 scope link
127.0.0.0/8 dev lo scope link
default via 1.1.1.1 dev eth2
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
1.1.1.1 0.0.0.0 255.255.255.248 U 0 0 0 eth2
10.0.0.0 10.0.0.2 255.255.255.0 UG 0 0 0 tun0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4
1.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.9.0 10.0.0.1 255.255.255.0 UG 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth4
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 1.1.1.1 0.0.0.0 UG 0 0 0 eth2
-------------------
iptables -A FORWARD -s 192.168.2.0/24 -d 192.168.9.0/24 -p tcp -j ACCEPT
iptables -A FORWARD -s 192.168.2.0/24 -d 192.168.9.0/24 -p udp -j ACCEPT
iptables -A FORWARD -s 192.168.2.0/24 -d 192.168.9.0/24 -p icmp -j ACCEPT
iptables -A FORWARD -s 192.168.1.0/24 -d 192.168.2.0/24 -j DROP
iptables -A FORWARD -s 192.168.2.0/24 -d 192.168.1.0/24 -j DROP
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j MASQUERADE
The problem itself:
from the second server:
ping 192.168.9.2
PING 192.168.9.2 (192.168.9.2) 56(84) bytes of data.
64 bytes from 192.168.9.2: icmp_seq=1 ttl=127 time=8.43 ms
64 bytes from 192.168.9.2: icmp_seq=2 ttl=127 time=37.3 ms
64 bytes from 192.168.9.2: icmp_seq=3 ttl=127 time=38.6 ms
from a client machine in the second subnet (192.168.2.102):
c:> ping 192.168.9.2
Request time out.
tcpdump -i eth3 host 192.168.9.2
tcpdump: listening on eth3
15:43:14.352120 192.168.2.102 > 192.168.9.2: icmp: echo request
15:43:15.852101 192.168.2.102 > 192.168.9.2: icmp: echo request
15:43:17.352040 192.168.2.102 > 192.168.9.2: icmp: echo request
tcpdump -i eth2 host 192.168.9.2
tcpdump: listening on eth2
15:44:00.171511 1.1.1.1 > 192.168.9.2: icmp: echo request
15:44:05.671696 1.1.1.1 > 192.168.9.2: icmp: echo request
15:44:11.171669 1.1.1.1 > 192.168.9.2: icmp: echo request