i have a few openvpn servers that have secondary interface and im trying to route the internet for openvpn users through second interface, lets name main interface eth0 and secondary w1.
current situation is like this. user >> tun >> server tun0 >> internet on eth0
my goal is like this. user >> tun >> server tun0 >> internet on w1
i read a few articles about source based routing and done this:
made a table named w1 in /etc/iproute2/rt_tables then this two command
ip rule add from 10.8.0.0/24 table w1
ip route add default via 172.16.0.2 dev w1 table w1
172.16.0.2 is ip address of interface w1. its a point to point interface from another tunnel software. i can ping 1.1.1.1 via this interface and no problem here. its seems fine to me and it even worked on first server and my ip was public ip of w1 interface. however the same thing does not work on another server, i done the same routing and rules, flushed cache of "ip route", but none of them worked on this server.
what happening is user cant ping anywhere and cant even ping the server tun0 itself(10.8.0.1)
i feel im missing something that maybe it was done by accident on first server, cause it seems so simple yet not working here.
both are running latest ubuntu lts 22.04. first server which is fine is running on amd X86 and second one is running on ARM, hope it does not matter.
/sbin/sysctl -ar \\.rp_filter. Btw, Linux IPv4 routes don't have a cache anymore (well except very rare cases like pmtu or icmp redirect) since Linux 3.6: you can forget about flushing cache everywhere.