How to bypass Linux routing??
I have a unique problem to contend with. I have 3 machines - 2 running Windows XP (say A and B) and 1 running Linux (say C). The architecture is something like this -->
A ---------- (eth0) C (eth1) ------------ B
A secure IKEv2 tunnel has been created between m/c C (eth1) and m/c B, using the IP address - 192.168.11.30/24 on eth1 on m/c C and IP address - 192.168.11.15/24 on m/c B. Additionally m/c B will also be assigned a virtual IP Address - 192.168.11.202/24. A security policy has been applied to this secure association (SA), indicating that any traffic destined for 192.168.11.202, be tunneled through the SA created between eth1 and the IP 192.168.11.15/24. Machine A needs to be assigned an IP Address - 192.168.11.190/24.
Now the problem... I need to have traffic sent from m/c A to reach m/c B. The traffic will have source IP - 192.168.11.190 (A's) and dest. IP - 192.168.11.202 (B's virtual). What happens by default, is that eth0 on m/c C drops all packets, as it figures that the traffic is local and never gets to consult the routing table. So when I added a bunch of static routes on m/c C, expecting traffic to be routed from eth0 to eth1... I was left pleasantly surprised.
Question: Is there a means for us to bypass the Linux routing logic, so that eth0 on m/c C can accept the traffic and bring it up to application?
Thanks in advance,
Solution to bypassing Linux routing
I posted this thread some time back, trying to figure out a means to bypass Linux routing. The purpose was to ensure that a Linux machine acting as a security gateway in a Generic Access Network allows the packets to be routed between interfaces, even though both the ingress and egress interfaces on the Linux machine belong to the same subnet.
The solution is provided by 'Local Proxy ARP (LPA)'. Enable LPA on the Linux machine. Add routes to identify individual hosts connected on both interfaces and everything should work out.
Hope this helps someone.
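
The fix described in the post above, sketched as a dry-run shell script for gateway C (an added example, not the poster's own commands). It assumes that "Local Proxy ARP" is realised with Linux's per-interface `proxy_arp` sysctl plus IP forwarding; the helper names `run`, `same_subnet24`, `pin_host` and `gateway_plan` are hypothetical, and the addresses are the ones given in the thread.

```shell
#!/bin/sh
# Added example: proxy ARP plus per-host routes on a gateway whose two
# interfaces sit in the same /24 (machine C in the thread).
# Assumption: "LPA" maps to the per-interface proxy_arp sysctl.
# Dry run by default: commands are only printed. Set APPLY=1 (as root) to run them.

run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# same_subnet24 IP1 IP2 -> succeeds when both addresses share the first three octets
same_subnet24() {
    [ "${1%.*}" = "${2%.*}" ]
}

# pin_host IFACE HOST_IP
# Let IFACE answer ARP on behalf of hosts reachable through another interface,
# and add a /32 route so the kernel knows HOST_IP lives behind IFACE.
pin_host() {
    run sysctl -w "net.ipv4.conf.$1.proxy_arp=1"
    run ip route replace "$2/32" dev "$1"
}

# gateway_plan A_IF A_IP B_IF B_IP
gateway_plan() {
    # Host routes are only needed when both hosts look "local" to the gateway.
    same_subnet24 "$2" "$4" || {
        echo "hosts are not in the same /24; ordinary routing applies" >&2
        return 1
    }
    run sysctl -w net.ipv4.ip_forward=1   # forward between eth0 and eth1
    pin_host "$1" "$2"
    pin_host "$3" "$4"
}

# Addresses from the thread: A behind eth0, B's virtual IP behind eth1.
gateway_plan eth0 192.168.11.190 eth1 192.168.11.202
```

After applying, `ip route get 192.168.11.202` on the gateway should report `dev eth1`, and the ARP entry for 192.168.11.202 on machine A should show the MAC address of the gateway's eth0.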