Hi: Pardon if it�s a already answered question (and for my english). I�m trying to do that Samuel Lucas Vaz do; but I�ve got tow ADSL lines with the same gateway. The question is: Is the mentioned method valid for my installation?. I�ve applied the patches to the kernel and I�ve readed de "nano-howto". I�think that this would have to work because the patch looks for routes based in source address, destination address, interface and gateway but it don�t work for me. The packets out by ppp1 but with ppp0 source address. I wish only to know if the mentioned method is applicable. If it is, I will review my configuration.
Best Regards Ivan Lopez Argentina --------------------------- Hi Samuel, you should add rules and tables to route with the propertly source. take a look at the nano HOWTO http://www.linuxvirtualserver.org/~julian/nano.txt You can do it without firewall rules... Here is an example, the rule 201 and 202 is only for route with the right source. # rule with source address 200.203.186.130 ip rule add prio 201 from 200.203.186.128/26 table 201 ip route add default via 200.203.186.GATEWAY dev eth1 src 200.203.186.130 proto static table 201 ip route append prohibit default table 201 metric 1 proto static # rule with source address 10.0.0.138 ip rule add prio 202 from 10.0.0.0/24 table 202 ip route add default via 10.0.0.138 dev eth2 src 10.0.0.140 proto static table 202 ip route append prohibit default table 202 metric 1 proto static #if you want to do it without firewall ip rule add prio 50 table main #only for local routing, with 50 as preference ip route del default table main #internet gateways will be added in the table 222, not in the main table ip rule add prio 222 table 222 #rule with gateways ip route add default table 222 proto static \ #route with gateways, you can put a metric for each gateway nexthop via 200.203.186.GATEWAY dev eth1 \ nexthop via 10.0.0.138 dev eth2 regards, Matias Lambert Samuel Lucas Vaz de Mello wrote: > Hi! > > I have a linux box with 2 internet links (eth1 - 200.203.186.130 and > eth2 - 10.0.0.140 [the adsl router will masq to a valid ip]) > > I'm trying to make it send some packages trought eth1 and others via > eth2. I'm using fwmark and iproute2. > > (for testing, i'm trying to make it send all icmp trafic trought eth2 > [10.0.0.140], and others packages via eth1) > > # iptables -t mangle -A OUTPUT -p icmp -j MARK --set-mark 5 > # ip rule add fwmark 5 table 5 > # ip route add default 10.0.0.138 table 5 > > # ip route show > 200.203.186.128/26 dev eth1 proto kernel scope link src 200.203.186.130 > (...) > 10.0.0.0/24 dev eth2 proto kernel scope link src 10.0.0.140 > (...) > default via 200.203.186.129 dev eth1 > > # ip route show table 5 > default via 10.0.0.138 dev eth2 > > # ip rule show > 0: from all lookup local > 32765: from all fwmark 5 lookup 5 > 32766: from all lookup main > 32767: from all lookup default > > # ip route flush cache > > # ping hara2.uol.com.br > (no response) > > # tcpdump -i eth2 | grep icmp > 15:31:32.228774 200.203.186.130 > hara2.uol.com.br: icmp: echo request (DF) > > It's seem that the package is going to the correct link, but with the wrong > source... > > Somo idea about why? > > Thanks, > > - Samuel >
