Tuesday, March 15, 2011

Creating a Tunnel to Talk between Private Network and Public Network:

Scenario :
========
My LAN network is in 10.x.x.x series (Public)
My Hypervisor (Host OS) is on 10.x.x.x series (Public)
My Guest OS is on 192.x.x.x series (Private network)
My DB runs on 10.x.x.x series (Public)

I want my guest on the 192.x.x.x series to be able to communicate with my DB, which is on the 10.x.x.x public series, and vice versa.

DB host details:

eth0 : 10.229.1.202

Hypervisor details (Host OS):

xenbr0: 10.228.1.119 <== faces the public 10.x.x.x series
xenbr1: 192.168.10.2 <== faces the guest OS

On the DB host I do the following:

[root@DB host ]# ip tunnel add tun0 mode ipip  remote 10.228.1.119 local 10.229.1.202 dev eth0
[root@DB host ]# ifconfig tun0 17.0.0.2 netmask 255.255.255.252  pointopoint 17.0.0.1   # peer is the hypervisor's tunnel address, not our own
[root@DB host ]# ifconfig tun0 mtu 1500 up
[root@DB host ]# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
[root@DB host ]# route add -net 192.168.10.0 netmask 255.255.255.0 gw 17.0.0.1 dev tun0

On the hypervisor I do the following:

[root@Hypervisor Host ~]# ip tunnel add tun0 mode ipip  remote 10.229.1.202 local 10.228.1.119 dev xenbr0
[root@Hypervisor Host ~]# ifconfig tun0 17.0.0.1 netmask 255.255.255.252  pointopoint 17.0.0.2   # peer is the DB host's tunnel address, not our own
[root@Hypervisor Host ~]# ifconfig tun0 mtu 1500 up
[root@Hypervisor Host ~]# /sbin/iptables -t nat -A POSTROUTING -o xenbr0 -j MASQUERADE
[root@Hypervisor Host ~]# /sbin/iptables -t nat -A POSTROUTING -o xenbr1 -j MASQUERADE

Now try pinging from the DB host to the guest OS on the 192 series network.

[root@DB host ]# ping 192.168.10.4
PING 192.168.10.4 (192.168.10.4) 56(84) bytes of data.
64 bytes from 192.168.10.4: icmp_seq=1 ttl=63 time=0.898 ms
64 bytes from 192.168.10.4: icmp_seq=2 ttl=63 time=0.650 ms
64 bytes from 192.168.10.4: icmp_seq=3 ttl=63 time=0.656 ms
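The same two-ended setup as an added example (my script, not the post's commands): it prints the iproute2 equivalents with each side's tunnel peer set to the other end, an MTU that allows for the 20-byte IPIP header, and an INPUT rule that only accepts raw IPIP from the known remote, since mode ipip carries no authentication or encryption. Hosts, interfaces and addresses are the post's; the /30 pairing check and the hypervisor's ip_forward line are my assumptions about how the tunnel is meant to be used.

```shell
#!/bin/sh
# Added example, not from the original post: print the iproute2 commands for
# both ends of the IPIP tunnel with the tunnel PEER set to the other side's
# address (the post's ifconfig lines used the local address as pointopoint),
# an MTU that allows for the 20-byte outer IPv4 header, and an INPUT rule that
# only accepts IPIP (IP protocol 4) from the expected remote, because mode ipip
# has no authentication or encryption at all.
# Hosts, interfaces and underlay addresses are the post's. 17.0.0.0/30 is the
# post's tunnel range; note 17.0.0.0/8 is publicly routed space, so use an
# unused private range for a real deployment.

LINK_MTU=1500        # MTU of eth0 / xenbr0, the tunnel's underlay
IPIP_OVERHEAD=20     # outer IPv4 header added by mode ipip

# ipip_mtu LINK_MTU -> largest inner packet that leaves the underlay unfragmented
ipip_mtu() { echo $(( $1 - IPIP_OVERHEAD )); }

# peer_ok LOCAL PEER: succeeds only if the two tunnel addresses differ and are
# the two host addresses of the same /30 (assumed pairing, as in the post)
peer_ok() {
    [ "$1" != "$2" ] || return 1
    [ "${1%.*}" = "${2%.*}" ] || return 1
    l=${1##*.}; p=${2##*.}
    [ $(( l / 4 )) -eq $(( p / 4 )) ] || return 1
    [ $(( l % 4 )) -ne 0 ] && [ $(( l % 4 )) -ne 3 ] &&
    [ $(( p % 4 )) -ne 0 ] && [ $(( p % 4 )) -ne 3 ]
}

# tunnel_cmds NAME LOCAL_UNDERLAY REMOTE_UNDERLAY DEV TUN_LOCAL TUN_PEER
# Prints the commands for one endpoint; run them as root on that host.
tunnel_cmds() {
    peer_ok "$5" "$6" || { echo "bad tunnel pair $5/$6" >&2; return 1; }
    printf 'ip tunnel add %s mode ipip remote %s local %s dev %s\n' "$1" "$3" "$2" "$4"
    printf 'ip addr add %s peer %s/30 dev %s\n' "$5" "$6" "$1"
    printf 'ip link set %s mtu %s up\n' "$1" "$(ipip_mtu "$LINK_MTU")"
    printf 'iptables -A INPUT -i %s -p 4 ! -s %s -j DROP\n' "$4" "$3"
}

echo '# --- on the DB host ---'
tunnel_cmds tun0 10.229.1.202 10.228.1.119 eth0 17.0.0.2 17.0.0.1
echo 'ip route add 192.168.10.0/24 via 17.0.0.1 dev tun0'

echo '# --- on the hypervisor (dom0 must forward between tun0 and xenbr1) ---'
tunnel_cmds tun0 10.228.1.119 10.229.1.202 xenbr0 17.0.0.1 17.0.0.2
echo 'sysctl -w net.ipv4.ip_forward=1'
```

The script only prints; review the output and run it as root on each host, and keep the ipip INPUT rule ahead of any broader accept rule so stray IPIP from other sources is dropped.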