After the data packet returns from the tun0 tunnel of B to the tun0 of A, there is no problem of routing and forwarding to the PC.

[maojianyou]

1、Use the ip rule routing strategy to request data packets to reach B from A successfully, then return from tun0 of B to tun0 of A and then return to PC， such as topology:

2、Failure situation ip rule del from 192.168.1.100 table 3 ip rule add fwmark 3 table 3 iptables -A PREROUTING -t mangle -i eth0 -s 192.168.1.100 -j MARK --set-mark 3

In the second case, after the data packet is returned from B’s tun0 to A’s tun0, the capture packet can see that tun0 returns the data packet normally, and then does not return to the PC. Is this a program problem? My goal is to see if I can achieve precise control of routing policies through iptables policies, such as separating tcp/udp and going through different tunnels, etc. 抱歉哦，英文不咋滴，谷歌翻译的，请谅解！

[wangyu-]

In the second case, after the data packet is returned from B’s tun0 to A’s tun0, the capture packet can see that tun0 returns the data packet normally, and then does not return to the PC. Is this a program problem?

No this is not a program problem.

tinyfecVPN just creates a virtual link. Routing packet is the job of ip route and kernel.

if you link works but your route is not working, you need to check you routing rules and iptables.