I have two p2p tunnels to two different servers on a host, tun1 and tun2 (the host is Ubuntu Server 18.04):
(Server 1: IP1) <--> (Host: IP0) <--> (Server 2: IP2)
For tun1 to server 1 I have:
proto udp
mode p2p
remote IP1
rport 4856
local IP0
lport 4856
dev-type tun
tun-ipv6
resolv-retry infinite
dev tun1
comp-lzo
persist-key
persist-tun
cipher aes-256-cbc
ifconfig 192.168.76.2 192.168.76.3
secret /etc/openvpn/key.key
For tun2 to server 2 I have:
proto udp
mode p2p
remote IP2
rport 4857
local IP0
lport 4857
dev-type tun
tun-ipv6
resolv-retry infinite
dev tun2
comp-lzo
persist-key
persist-tun
cipher aes-256-cbc
ifconfig 192.168.77.2 192.168.77.3
secret /etc/openvpn/key.key
I want to forward packets received on tun1 with dst=IP4 to tun2 so I added a static route:
ip route add IP4/32 via 192.168.77.3
IP forwarding is also enabled:
sysctl -w net.ipv4.ip_forward=1
No iptables rules exist; all chains are set to ACCEPT.
All tunnel interfaces are connected to their corresponding servers and up.
When I send packets from Server 1 with dst=IP4 into the tunnel, the packets are received on the host but they are not forwarded to tun2, and I cannot see them on Server 2 using tcpdump.
Any idea?
I have to explicitly enable forwarding on tun1 (the incoming interface):
sysctl -w net.ipv4.conf.tun1.forwarding=1
sysctl -w net.ipv4.ip_forward=1 is not enough (actually it is not needed).
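A way to audit the forwarding path from the question and answer (global key, per-interface forwarding keys on the ingress and egress tunnels, and the route lookup for the destination), as an added example that is not code from either poster. It assumes procps `sysctl` and iproute2 `ip`; the interface names tun1/tun2 are the question's and are otherwise placeholders.

```shell
#!/bin/sh
# Added example (not code from the question or the answer): audit the sysctl
# keys that gate forwarding from one tunnel interface to another, e.g. the
# tun1 -> tun2 path in the question.

# check_forwarding INGRESS EGRESS
#   Reads `sysctl` output ("key = value" lines) on stdin, prints one line per
#   relevant key and returns 0 only when every key is set to 1.
check_forwarding() {
    in_if=$1; out_if=$2
    dump=$(cat)          # keep the dump so it can be scanned once per key
    rc=0
    for key in net.ipv4.ip_forward \
               "net.ipv4.conf.$in_if.forwarding" \
               "net.ipv4.conf.$out_if.forwarding"; do
        esc=$(printf '%s' "$key" | sed 's/\./\\./g')   # literal dots in the regex
        val=$(printf '%s\n' "$dump" | sed -n "s/^$esc = //p")
        case "$val" in
            1)  echo "ok        $key = 1" ;;
            "") echo "missing   $key (interface absent or not a tun device?)"; rc=1 ;;
            *)  echo "DISABLED  $key = $val"; rc=1 ;;
        esac
    done
    return $rc
}

# Live use: `sh check_fwd.sh tun1 tun2 [DST]` queries the running kernel and,
# if DST is given, shows which interface a packet arriving on INGRESS for DST
# would leave through (the static route for IP4 should select EGRESS).
if [ $# -ge 2 ]; then
    sysctl "net.ipv4.ip_forward" "net.ipv4.conf.$1.forwarding" \
           "net.ipv4.conf.$2.forwarding" 2>/dev/null | check_forwarding "$1" "$2"
    if [ $# -ge 3 ]; then
        ip route get "$3" iif "$1"
    fi
fi
```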