diff --git a/README.md b/README.md
index 17e5767..c535716 100644
--- a/README.md
+++ b/README.md
@@ -47,7 +47,7 @@ Peers:
     PublicKey: 徯萃嵾爻燸攗窍褃冔蒔犡緇袿屿組待族砇嘀
     PresharedKey: 瀸敀爅崾嘊嵜紼樴稍毯攣矐訷蟷扛嬋庩崛昀
     EndPoint: 1.2.3.4:56789
-    AllowedIPs: ["192.168.233.2/32", "x192.168.233.3/32"] # allow trans to 192.168.233.3, but don not create route
+    AllowedIPs: ["192.168.233.2/32", "x192.168.233.3/32"] # accept packets from 192.168.233.3, but don not create route
     KeepAliveSeconds: 0
     QueryList: ["192.168.233.3"]
     MTU: 1400
@@ -60,8 +60,9 @@ Peers:
     PublicKey: 牢喨粷詸衭譛浾蘹櫠砙杹蟫瑳叩刋橋経挵蘀
     PresharedKey: 竅琚喫従痸告烈兇厕趭萨假蔛瀇譄施烸蝫瘀
     EndPoint: ""
-    AllowedIPs: ["192.168.233.3/32"]
+    AllowedIPs: ["192.168.233.3/32", "y192.168.66.1/32"] # add route to 192.168.66.1 into inner route table but do not add it to system one
     MTU: 752
+    DoublePacket: true
     KeepAliveSeconds: 0
     AllowTrans: false
 ```
diff --git a/gold/link/peer.go b/gold/link/peer.go
index 102f3a4..7dbb2d1 100644
--- a/gold/link/peer.go
+++ b/gold/link/peer.go
@@ -89,7 +89,8 @@ func (m *Me) AddPeer(cfg *PeerConfig) (l *Link) {
 				continue
 			}
 			noroute := ipnet[0] == 'x'
-			if noroute {
+			innerroute := ipnet[0] == 'y'
+			if noroute || innerroute {
 				ipnet = ipnet[1:]
 				if len(ipnet) == 0 {
 					continue
diff --git a/upper/services/wg/wg.go b/upper/services/wg/wg.go
index b8e1f54..99c1353 100644
--- a/upper/services/wg/wg.go
+++ b/upper/services/wg/wg.go
@@ -79,7 +79,7 @@ func (wg *WG) init(srcport, dstport uint16) {
 	}
 	for _, p := range wg.c.Peers {
 		for _, ip := range p.AllowedIPs {
-			if len(ip) == 0 || ip[0] == 'x' {
+			if len(ip) == 0 || ip[0] == 'x' || ip[0] == 'y' {
 				continue
 			}
 			ipnet, _, err := net.ParseCIDR(ip)