Route only on output chain?

1

I have two machines A and B. I want to send iperf traffic from A to B, but first have it route through a userspace program on A. I did this with a tunneling device: therefore, I used the command ip route add *B address* dev tun77.

However, this command is preventing connections from B to A: for example, I cannot SSH from B to A. This is creating problems with my project, especially with TCP traffic.

I assumed that ip route would only affect packets leaving machine A. However, it seems to be affecting connections from B to A. Is this because incoming packets are being routed, or is it the responses from A to B that are preventing the connection from happening (like SYNACK messages)? How do you fix this?

I tried marking packets on the output chain with iptables and creating a route for that with this link, but for some odd reason it isn't working.

Any help would be appreciated, thanks!

EDIT: When I try running tcpdump on A and B, all I see are ARP packets from B arriving at A; in addition, I don't see any traffic out of A that responds to these.

Ashkay

Posted 2015-06-24T15:39:50.900

Reputation: 111

No answers