<div dir="ltr"><div>Huh, it is a bit complicated.</div><div>Routing table 220 empty... is not good most probably, but cannot help to fix it.<br></div><div>I would need to see configuration and packet dump to understand what packets go from where to there.<br></div><div><br></div>Anyway, it looks strange to me to route traffic into my own physical segment via gateway: <a href="http://136.243.17.0/26" target="_blank" rel="nofollow" style="cursor: pointer;">136.243.17.0/26</a> via 136.243.17.1 dev eth0 <div>But it will probably not help you.</div><div><br></div><div>Did you try to use lo:0 instead of eth0 for all you "loopback" addresses?</div><div><br></div><div>Miroslav</div><div><br>On Sunday, April 26, 2015 at 8:26:07 PM UTC+2, Bas van Dijk wrote:<blockquote class="gmail_quote" style="margin: 0;margin-left: 0.8ex;border-left: 1px #ccc solid;padding-left: 1ex;">Hi Miroslav,
<br>
<br>On 26 April 2015 at 08:26, Miroslav Svoboda <<a href="mailto:goodmirek@goodmirek.cz" target="_blank" rel="nofollow" onmousedown="this.href='mailto:goodmirek@goodmirek.cz';return true;" onclick="this.href='mailto:goodmirek@goodmirek.cz';return true;">goodmirek@goodmirek.cz</a>> wrote:
<br>> Please can you add output of:
<br>> ip route show
<br>> ip route show table 220
<br>> ip xfrm state
<br>> ip a
<br>
<br>Here you go:
<br>
<br># ip route show
<br>default via 136.243.17.1 dev eth0
<br><a href="http://136.243.17.0/26" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.0%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNEOKo3tpPZUlceCKTxAO3vKM1qFpg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.0%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNEOKo3tpPZUlceCKTxAO3vKM1qFpg';return true;">136.243.17.0/26</a> via 136.243.17.1 dev eth0
<br><a href="http://172.16.48.16/28" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.16%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNEIIl6PwcXJKR9BWy4j-IUZ3ZokLw';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.16%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNEIIl6PwcXJKR9BWy4j-IUZ3ZokLw';return true;">172.16.48.16/28</a> dev eth0  proto kernel  scope link  src 172.16.48.17
<br>
<br># ip route show table 220
<br>
<br># ip xfrm state
<br>src 136.243.25.108 dst 213.163.70.4
<br>  proto esp spi 0x700e6b6c reqid 1 mode tunnel
<br>  replay-window 32 flag af-unspec
<br>  auth-trunc hmac(sha1) 0x6d969125d32fd66fb899abfc60c4<wbr>328be1404c03 96
<br>  enc cbc(aes) 0xd5562d5113dfc4a8b9a067999028<wbr>2860
<br>src 213.163.70.4 dst 136.243.25.108
<br>  proto esp spi 0xc15e6adb reqid 1 mode tunnel
<br>  replay-window 32 flag af-unspec
<br>  auth-trunc hmac(sha1) 0xf2be74d8b38d26fc2e2ee3adb1cc<wbr>b59a4d06ff09 96
<br>  enc cbc(aes) 0x1c6770d03daa3fa8a317fb7f22d1<wbr>44c8
<br>
<br># ip a
<br>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
<br>group default
<br>    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
<br>    inet <a href="http://127.0.0.1/8" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F127.0.0.1%2F8\46sa\75D\46sntz\0751\46usg\75AFQjCNEYFRp9CDygOXtBXqnBoiSY5kxaXg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F127.0.0.1%2F8\46sa\75D\46sntz\0751\46usg\75AFQjCNEYFRp9CDygOXtBXqnBoiSY5kxaXg';return true;">127.0.0.1/8</a> scope host lo
<br>       valid_lft forever preferred_lft forever
<br>2: eth0: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc pfifo_fast
<br>state UP group default qlen 1000
<br>    link/ether 44:8a:5b:d8:85:8c brd ff:ff:ff:ff:ff:ff
<br>    inet <a href="http://136.243.25.125/32" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.25.125%2F32\46sa\75D\46sntz\0751\46usg\75AFQjCNHKG0OC8Fj_-S2-b_A5_w411RKvYQ';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.25.125%2F32\46sa\75D\46sntz\0751\46usg\75AFQjCNHKG0OC8Fj_-S2-b_A5_w411RKvYQ';return true;">136.243.25.125/32</a> scope global eth0
<br>       valid_lft forever preferred_lft forever
<br>    inet <a href="http://136.243.25.108/32" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.25.108%2F32\46sa\75D\46sntz\0751\46usg\75AFQjCNE5UmEr7mOU_c1jp0fpb7CVj9TPfw';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.25.108%2F32\46sa\75D\46sntz\0751\46usg\75AFQjCNE5UmEr7mOU_c1jp0fpb7CVj9TPfw';return true;">136.243.25.108/32</a> scope global eth0
<br>       valid_lft forever preferred_lft forever
<br>    inet <a href="http://172.16.48.17/28" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.17%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNHmyKnfH94RKQgphj5fA34Rm7F_mw';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.17%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNHmyKnfH94RKQgphj5fA34Rm7F_mw';return true;">172.16.48.17/28</a> scope global eth0
<br>       valid_lft forever preferred_lft forever
<br>    inet <a href="http://136.243.17.41/26" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.41%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNFmoQU6z8w1KeNoFCQ3RUr-mLRysg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.41%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNFmoQU6z8w1KeNoFCQ3RUr-mLRysg';return true;">136.243.17.41/26</a> scope global eth0
<br>       valid_lft forever preferred_lft forever
<br>
<br>> Are you able to successfully do:
<br>> ip route add <a href="http://10.180.0.0/24" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;">10.180.0.0/24</a> via 172.16.48.17
<br>> ?
<br>
<br>Yes:
<br>
<br># ip route add <a href="http://10.180.0.0/24" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;">10.180.0.0/24</a> via 172.16.48.17
<br>
<br># ip route
<br>default via 136.243.17.1 dev eth0
<br><a href="http://10.180.0.0/24" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F10.180.0.0%2F24\46sa\75D\46sntz\0751\46usg\75AFQjCNFWqCh0H4tGrJ3ywudOCv-E4pvlmg';return true;">10.180.0.0/24</a> via 172.16.48.17 dev eth0
<br><a href="http://136.243.17.0/26" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.0%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNEOKo3tpPZUlceCKTxAO3vKM1qFpg';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F136.243.17.0%2F26\46sa\75D\46sntz\0751\46usg\75AFQjCNEOKo3tpPZUlceCKTxAO3vKM1qFpg';return true;">136.243.17.0/26</a> via 136.243.17.1 dev eth0
<br><a href="http://172.16.48.16/28" target="_blank" rel="nofollow" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.16%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNEIIl6PwcXJKR9BWy4j-IUZ3ZokLw';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F172.16.48.16%2F28\46sa\75D\46sntz\0751\46usg\75AFQjCNEIIl6PwcXJKR9BWy4j-IUZ3ZokLw';return true;">172.16.48.16/28</a> dev eth0  proto kernel  scope link  src 172.16.48.17
<br>
<br>Thanks for your time,
<br>
<br>Bas
<br></blockquote></div></div>