
<div dir="ltr"><div>Huh, it is a bit complicated.</div><div>Routing table 220 empty... is not good most probably, but cannot help to fix it.<br></div><div>I would need to see configuration and packet dump to understand what packets go from where to there.<br></div><div><br></div>Anyway, it looks strange to me to route traffic into my own physical segment via gateway: <a href="http://136.243.17.0/26" target="_blank" rel="nofollow" style="cursor: pointer;">136.243.17.0/26</a> via 136.243.17.1 dev eth0 <div>But it will probably not help you.</div><div><br></div><div>Did you try to use lo:0 instead of eth0 for all you "loopback" addresses?</div><div><br></div><div>Miroslav</div><div><br>On Sunday, April 26, 2015 at 8:26:07 PM UTC+2, Bas van Dijk wrote:<blockquote class="gmail_quote" style="margin: 0;margin-left: 0.8ex;border-left: 1px #ccc solid;padding-left: 1ex;">Hi Miroslav,

<br>

<br>On 26 April 2015 at 08:26, Miroslav Svoboda <<a href="mailto:goodmirek@goodmirek.cz" target="_blank" rel="nofollow" onmousedown="this.href='mailto:goodmirek@goodmirek.cz';return true;" onclick="this.href='mailto:goodmirek@goodmirek.cz';return true;">goodmirek@goodmirek.cz</a>> wrote:

<br>> Please can you add output of:

<br>> ip route show

<br>> ip route show table 220

<br>> ip xfrm state

<br>> ip a

<br>

<br>Here you go:

<br>

<br># ip route show

<br>default via 136.243.17.1 dev eth0

<br><a href="http://136.243.17.0/26" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.0%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNEOKo3tpPZUlceCKTxAO3vKM1qFpg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.0%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNEOKo3tpPZUlceCKTxAO3vKM1qFpg';return true;">136.243.17.0/26</a> via 136.243.17.1 dev eth0

<br><a href="http://172.16.48.16/28" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.16%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNEIIl6PwcXJKR9BWy4j-IUZ3ZokLw';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.16%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNEIIl6PwcXJKR9BWy4j-IUZ3ZokLw';return true;">172.16.48.16/28</a> dev eth0  proto kernel  scope link  src 172.16.48.17

<br>

<br># ip route show table 220

<br>

<br># ip xfrm state

<br>src 136.243.25.108 dst 213.163.70.4

<br>  proto esp spi 0x700e6b6c reqid 1 mode tunnel

<br>  replay-window 32 flag af-unspec

<br>  auth-trunc hmac(sha1) 0x6d969125d32fd66fb899abfc60c4<wbr>328be1404c03 96

<br>  enc cbc(aes) 0xd5562d5113dfc4a8b9a067999028<wbr>2860

<br>src 213.163.70.4 dst 136.243.25.108

<br>  proto esp spi 0xc15e6adb reqid 1 mode tunnel

<br>  replay-window 32 flag af-unspec

<br>  auth-trunc hmac(sha1) 0xf2be74d8b38d26fc2e2ee3adb1cc<wbr>b59a4d06ff09 96

<br>  enc cbc(aes) 0x1c6770d03daa3fa8a317fb7f22d1<wbr>44c8

<br>

<br># ip a

<br>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

<br>group default

<br>    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

<br>    inet <a href="http://127.0.0.1/8" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F127.0.0.1%2F8\46sa\75D\46sntz\0751\46usg\75AFQjCNEYFRp9CDygOXtBXqnBoiSY5kxaXg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F127.0.0.1%2F8\46sa\75D\46sntz\0751\46usg\75AFQjCNEYFRp9CDygOXtBXqnBoiSY5kxaXg';return true;">127.0.0.1/8</a> scope host lo

<br>       valid_lft forever preferred_lft forever

<br>2: eth0: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc pfifo_fast

<br>state UP group default qlen 1000

<br>    link/ether 44:8a:5b:d8:85:8c brd ff:ff:ff:ff:ff:ff

<br>    inet <a href="http://136.243.25.125/32" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.25.125%2F32\46sa\75D\46sntz\0751\46usg\75AFQjCNHKG0OC8Fj_-S2-b_A5_w411RKvYQ';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.25.125%2F32\46sa\75D\46sntz\0751\46usg\75AFQjCNHKG0OC8Fj_-S2-b_A5_w411RKvYQ';return true;">136.243.25.125/32</a> scope global eth0

<br>       valid_lft forever preferred_lft forever

<br>    inet <a href="http://136.243.25.108/32" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.25.108%2F32\46sa\75D\46sntz\0751\46usg\75AFQjCNE5UmEr7mOU_c1jp0fpb7CVj9TPfw';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.25.108%2F32\46sa\75D\46sntz\0751\46usg\75AFQjCNE5UmEr7mOU_c1jp0fpb7CVj9TPfw';return true;">136.243.25.108/32</a> scope global eth0

<br>       valid_lft forever preferred_lft forever

<br>    inet <a href="http://172.16.48.17/28" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.17%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNHmyKnfH94RKQgphj5fA34Rm7F_mw';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.17%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNHmyKnfH94RKQgphj5fA34Rm7F_mw';return true;">172.16.48.17/28</a> scope global eth0

<br>       valid_lft forever preferred_lft forever

<br>    inet <a href="http://136.243.17.41/26" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.41%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNFmoQU6z8w1KeNoFCQ3RUr-mLRysg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.41%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNFmoQU6z8w1KeNoFCQ3RUr-mLRysg';return true;">136.243.17.41/26</a> scope global eth0

<br>       valid_lft forever preferred_lft forever

<br>

<br>> Are you able to successfully do:

<br>> ip route add <a href="http://10.180.0.0/24" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;">10.180.0.0/24</a> via 172.16.48.17

<br>> ?

<br>

<br>Yes:

<br>

<br># ip route add <a href="http://10.180.0.0/24" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;">10.180.0.0/24</a> via 172.16.48.17

<br>

<br># ip route

<br>default via 136.243.17.1 dev eth0

<br><a href="http://10.180.0.0/24" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;">10.180.0.0/24</a> via 172.16.48.17 dev eth0

<br><a href="http://136.243.17.0/26" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.0%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNEOKo3tpPZUlceCKTxAO3vKM1qFpg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.0%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNEOKo3tpPZUlceCKTxAO3vKM1qFpg';return true;">136.243.17.0/26</a> via 136.243.17.1 dev eth0

<br><a href="http://172.16.48.16/28" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.16%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNEIIl6PwcXJKR9BWy4j-IUZ3ZokLw';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.16%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNEIIl6PwcXJKR9BWy4j-IUZ3ZokLw';return true;">172.16.48.16/28</a> dev eth0  proto kernel  scope link  src 172.16.48.17

<br>

<br>Thanks for your time,

<br>

<br>Bas

<br></blockquote></div></div>