Selectively route traffic to interface

Question

I have set up a separate routing table (tovpn)

#echo 200 tovpn >> /etc/iproute2/rt_tables

Now I assign routes to it.

Where 10.0.0.1 is the tun2 P-t-P and 10.0.0.2 is the inet

#ip route add 10.0.0.1 dev tun2 table tovpn  
#ip route add default via 10.0.0.2 dev tun2 table tovpn

Some network 172.20.20.0/24 has traffic forwarded to the table

#ip rule add from 172.22.22.0/24 table tovpn  
#iptables -t nat -A POSTROUTING -s 172.22.22.0/24 -o tun2 -j MASQUERADE

Great, everything works.

How do I specify traffic additional traffic to pass through the tunnel by specifying the host ip?

The following does not work, if I would like to route, for example, traffic to 8.8.4.4 over the tunnel.

#ip rule add to 8.8.4.4/32 table tovpn

alternatively

#ip rule add to 8.8.4.4/32 lookup tovpn

Any assistance would be greatly appreciated, thank you.

Hi, answers go in the Answer section, not as an edit to the question. — Michael Hampton, Mar 22 '13 at 15:42

score 1 · Accepted Answer · edited Apr 09 '13 at 13:12

1

My routing table was incorrectly setup. Correct setup as follows:

# ip route add $PTPADDR src $INETADDR proto kernel dev tun1 table tovpn  
# ip route add default dev tun1 table tovpn

Now mark packets with

# iptables -t mangle -A PREROUTING -i $LANINTERFACE -d 8.8.8.8/32 -j MARK --set-mark 300

edited Apr 09 '13 at 13:12

Scott Pack

answered Apr 09 '13 at 12:41

user165813

Please be sure to [mark your answer accepted](http://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work) when you're able. – jscott Apr 09 '13 at 12:51

1 Answers1