Okay, I've got it mostly working now. The missing route seems to be
"10.0.0.0", "255.0.0.0", "0.0.0.0", "100". So not the gateway but
0.0.0.0. This works both in Gentoo and VirtualBox ... except for (at
least) one internal site.
I have a.i.company.com ("a") and b.i.company.com ("b"). Dig in Gentoo
tells me both are aliases for a.r1.i.company.com and
b.r1.i.company.com, respectively. They both resolve to 10.x.y.z
addresses. But "a" works in both Gentoo and VB, while "b" cannot be
resolved in VB (dig finds nothing). I can obviously work around that
but I'm very confused why it doesn't work the same in both.
