H. Peter Anvin wrote:
Alexey Kuznetsov wrote:
The question is where is this host really?
If it is far far away and connected only via IPsec tunnel with
destionation
of tunnel different of host address
ip ro add THEHOST dev dummy0
should be enough. It asserts that THEHOST is not on eth0.
IPsec policy will figure out correct route, unless something is broken.
Just tried it, and it works as advertised.
... except that OpenSwan will rip out the route and install a route
pointing to eth0, thus breaking the thing again.
-hpa
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
