Re: fwmark / routing ...
This is the best document I have found on the subject.
http://lartc.org/howto/lartc.rpdb.multiple-links.html
-Ryan
----- Original Message -----
From: "Samuel Lucas Vaz de Mello" <samuelm@tha.com.br>
To: <debian-firewall@lists.debian.org>
Sent: Wednesday, October 30, 2002 9:51 AM
Subject: fwmark / routing ...
> Hi!
>
> I have a linux box with 2 internet links (eth1 - 200.203.186.130 and
eth2 - 10.0.0.140 [the adsl router will masq to a valid ip])
>
> I'm trying to make it send some packages trought eth1 and others via eth2.
I'm using fwmark and iproute2.
>
> (for testing, i'm trying to make it send all icmp trafic trought eth2
[10.0.0.140], and others packages via eth1)
>
> # iptables -t mangle -A OUTPUT -p icmp -j MARK --set-mark 5
> # ip rule add fwmark 5 table 5
> # ip route add default 10.0.0.138 table 5
>
> # ip route show
> 200.203.186.128/26 dev eth1 proto kernel scope link src 200.203.186.130
> (...)
> 10.0.0.0/24 dev eth2 proto kernel scope link src 10.0.0.140
> (...)
> default via 200.203.186.129 dev eth1
>
> # ip route show table 5
> default via 10.0.0.138 dev eth2
>
> # ip rule show
> 0: from all lookup local
> 32765: from all fwmark 5 lookup 5
> 32766: from all lookup main
> 32767: from all lookup default
>
> # ip route flush cache
>
> # ping hara2.uol.com.br
> (no response)
>
> # tcpdump -i eth2 | grep icmp
> 15:31:32.228774 200.203.186.130 > hara2.uol.com.br: icmp: echo request
(DF)
>
> It's seem that the package is going to the correct link, but with the
wrong source...
>
> Somo idea about why?
>
>
> Thanks,
>
> - Samuel
>
>
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
>
>
Reply to: