@vitiral
Last active February 20, 2018 21:21
nixos help
[root@garrett-laptop:~]# ip addr
...
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1406 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 10.249.208.187/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::a4be:e60c:f593:2fac/64 scope link stable-privacy
valid_lft forever preferred_lft forever
[root@garrett-laptop:~]# ip route
default via 192.168.43.1 dev wlp3s0 proto static metric 600
10.249.208.0/23 dev tun0 scope link
10.249.208.0/23 dev tun0 scope link metric 1
192.168.43.0/24 dev wlp3s0 proto kernel scope link src 192.168.43.80 metric 600
208.185.63.19 via 192.168.43.1 dev wlp3s0 src 192.168.43.80 mtu 1440
$ openconnect homebase-wbu.netapp.com/corp --user REDACTED
POST https://homebase-wbu.netapp.com/corp
Connected to 208.185.63.19:443
SSL negotiation with homebase-wbu.netapp.com
Connected to HTTPS on homebase-wbu.netapp.com
XML POST enabled
Please enter your username and password.
Password:
Password:
POST https://homebase-wbu.netapp.com/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as 10.249.208.187, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(DHE-RSA-4294967237)-(AES-256-CBC)-(SHA1).
Failed to read from SSL socket: The transmitted packet is too large (EMSGSIZE).
Failed to recv DPD request (1406)
Connect Banner:
| THIS SYSTEM IS RESTRICTED TO AUTHORIZED USERS FOR AUTHORIZED USE ONLY. UNAUTHORIZED ACCESS IS STRICTLY PROHIBITED AND MAY BE PUNISHABLE UNDER THE COMPUTER FRAUD AND ABUSE ACT OF 1986 OR OTHER APPLICABLE LAWS. IF NOT AUTHORIZED TO ACCESS THIS SYSTEM, DISCONNECT NOW. BY CONTINUING, YOU CONSENT TO YOUR ACTIVITIES BEING MONITORED. ALL PERSONS ARE HEREBY NOTIFIED THAT THE USE OF THIS SYSTEM CONSTITUTES CONSENT TO MONITORING AND AUDITING.
[root@garrett-laptop:~]# cat /etc/resolv.conf
# Generated by resolvconf
domain hq.netapp.com
nameserver 10.116.36.9
nameserver 10.102.76.214
nameserver 192.168.43.1
options edns0
@infinisil

Before connecting

resolv.conf

# Generated by resolvconf
domain fritz.box
nameserver 139.59.149.43
nameserver 192.168.178.1
options edns0

ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 7c:d1:c3:e2:f3:8f brd ff:ff:ff:ff:ff:ff
    inet 192.168.178.90/24 brd 192.168.178.255 scope global wlp2s0
       valid_lft forever preferred_lft forever
    inet6 fe80::7ed1:c3ff:fee2:f38f/64 scope link 
       valid_lft forever preferred_lft forever
3: vboxnet0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether 0a:00:27:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.1/24 scope global vboxnet0
       valid_lft forever preferred_lft forever

ip route

default via 192.168.178.1 dev wlp2s0 src 192.168.178.90 metric 302 
192.168.56.0/24 dev vboxnet0 proto kernel scope link src 192.168.56.1 linkdown 
192.168.178.0/24 dev wlp2s0 proto kernel scope link src 192.168.178.90 metric 302 

Connecting

sudo vpnc eth --debug=1

vpnc version 0.5.3
IKE SA selected psk+xauth-aes128-sha1
NAT status: this end behind NAT? YES -- remote end behind NAT? no
got address 129.132.208.185
IPSEC SA selected aes128-sha1
VPNC started in background (pid: 10628)...

After connecting

resolv.conf

# Generated by resolvconf
domain ethz.ch
search ethz.ch fritz.box
nameserver 129.132.98.12
nameserver 129.132.250.2
nameserver 139.59.149.43
nameserver 192.168.178.1
options edns0

ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 7c:d1:c3:e2:f3:8f brd ff:ff:ff:ff:ff:ff
    inet 192.168.178.90/24 brd 192.168.178.255 scope global wlp2s0
       valid_lft forever preferred_lft forever
    inet6 fe80::7ed1:c3ff:fee2:f38f/64 scope link 
       valid_lft forever preferred_lft forever
3: vboxnet0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether 0a:00:27:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.1/24 scope global vboxnet0
       valid_lft forever preferred_lft forever
10: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1412 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none 
    inet 129.132.208.185/32 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::787a:f4cd:a6ad:79ec/64 scope link stable-privacy 
       valid_lft forever preferred_lft forever

ip route

default via 192.168.178.1 dev wlp2s0 src 192.168.178.90 metric 302 
129.132.99.164 via 192.168.178.1 dev wlp2s0 src 192.168.178.90 
129.132.208.0/22 dev tun0 scope link 
192.168.56.0/24 dev vboxnet0 proto kernel scope link src 192.168.56.1 linkdown 
192.168.178.0/24 dev wlp2s0 proto kernel scope link src 192.168.178.90 metric 302 
