Make site 1 your router. If site 1 runs on 192.168.0.0/24, 2 is
192.168.1.0/24 and 3 is 192.168.2.0/24, add routes at 1, 2, and 3 to
eachother over the cipe network.
route add -net 192.168.2.0 netmask 255.255.255.0 gw [1's cipe address]
route add -net 192.168.1.0 netmask 255.255.255.0 gw [1's cipe address]
I think that should be sufficient since 1 already knows everyone's route
and 2/3 know 1 is 192.168.0.0/24 via the cipe addresses. Just make sure
you "echo 1 > /proc/sys/net/ipv4/ip_forward" on each system which needs to
route (at least site 1).
As long as you keep 2&3's cipe links alive, they won't know they are
On Tue, 2 Jul 2002, Karl Kleinpaste wrote:
> I have 3 machines in use:
> 1 - fixed IP addr, no firewall or gateway.
> 2 - dialup, random IP addr.
> 3 - fixed IP addr behind ipmasq gateway.
> At this time, I connect both 1<->2 and 1<->3 such that 1 has "peer
> 0.0.0.0:port". 2 and 3 make the "active" side of establishing the
> connection, and the world is wonderful, and has been for months. Fine
> so far.
> Now I need to connect 2 and 3. The problem is that, as a dialup, the
> line drops every 10 or 12 hours whether I like it or not -- the ISP
> just doesn't allow the line to remain permanently in use, though (as
> it happens) they don't mind the fact that I immediately reconnect and
> so am effectively connected 24x7.
> The problem, of course, is that 2 cannot find 3 on its own at all, and
> the address of 2 changes with each new connection such that 3 will
> have to find it afresh whenever it disappears and comes back. I use
> dyndns.org for 2, which at least means I can do a DNS query to find
> What I fear I am stuck with is
> - 2 uses "peer 0.0.0.0:port" so that it is passive with regard to
> connection establishment, and
> - 3 must periodically have its ciped-cb for that link killed and
> restarted in order that a new IP addr be found, because ciped-cb does
> not have any provision for deciding that the remote "real" IP addr has
> changed underneath itself.
> Might anyone have any other possible configuration suggestions?
> Managing kill/restart this way is a grotesque hack at very best.
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive:
20417 SW 70th Ave.
Tualatin, OR 97062