Hello everybody! I need help with this...
I have 2 ISPs and a DMZ, and I get an error when I do shorewall restart: "ERROR:
ip route -4 replace..."
It will be better understood with the config...
/etc/network/interfaces (I have 4 IPs on eth0, all with the same gateway, and
one IP on eth1)
auto eth0
iface eth0 inet static
address 201.41.93.210
netmask 255.255.255.248
post-up ip route add 201.41.93.210/32 dev eth0 src 201.41.93.210 table TELEF01
post-up ip route add default via 201.41.93.209 table TELEF01
post-up ip rule add from 201.41.93.210 table TELEF01
post-down ip rule del from 201.41.93.210 table TELEF01
auto eth0:1
iface eth0:1 inet static
address 201.41.93.211
netmask 255.255.255.248
post-up ip route add 201.41.93.211/32 dev eth0:1 src 201.41.93.211 table TELEF02
post-up ip route add default via 201.41.93.209 table TELEF02
post-up ip rule add from 201.41.93.211 table TELEF02
post-down ip rule del from 201.41.93.211 table TELEF02
auto eth0:2
iface eth0:2 inet static
address 201.41.93.212
netmask 255.255.255.248
post-up ip route add 201.41.93.212/32 dev eth0:2 src 201.41.93.212 table TELEF03
post-up ip route add default via 201.41.93.209 table TELEF03
post-up ip rule add from 201.41.93.212 table TELEF03
post-down ip rule del from 201.41.93.212 table TELEF03
auto eth0:3
iface eth0:3 inet static
address 201.41.93.213
netmask 255.255.255.248
post-up ip route add 201.41.93.213/32 dev eth0:3 src 201.41.93.213 table TELEF04
post-up ip route add default via 201.41.93.209 table TELEF04
post-up ip rule add from 201.41.93.213 table TELEF04
post-down ip rule del from 201.41.93.213 table TELEF04
auto eth1
iface eth1 inet static
address 200.41.183.21
netmask 255.255.255.252
post-up ip route add 200.41.183.21 dev eth1 src 200.41.183.21 table IPLAN01
post-up ip route add default via 200.41.183.22 table IPLAN01
post-up ip rule add from 200.41.183.21 table IPLAN01
post-down ip rule del from 200.41.183.21 table IPLAN01
allow-hotplug eth2
iface eth2 inet static
address 172.16.0.183
netmask 255.255.255.0
network 172.16.0.0
broadcast 172.16.0.255
-------------------------------------
/etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
1 TELEF01
2 TELEF02
3 TELEF03
4 TELEF04
5 IPLAN01
-------------------------------------
In shorewall.conf I have: USE_DEFAULT_RT=No
-------------------------------------
/etc/shorewall/providers (I only need balancing with TELEF01 and IPLAN01)
#NAME    NUMBER  MARK  DUPLICATE  INTERFACE           GATEWAY        OPTIONS          COPY
TELEF01  1       1     main       eth0:201.41.93.210  201.41.93.209  track,balance=1  eth3
TELEF02  2       2     main       eth0:201.41.93.211  201.41.93.209  track,balance=0  eth3
TELEF03  3       3     main       eth0:201.41.93.212  201.41.93.209  track,balance=0  eth3
TELEF04  4       4     main       eth0:201.41.93.213  201.41.93.209  track,balance=0  eth3
IPLAN01  5       5     main       eth1                200.41.183.22  track,balance=2  eth3
------------------------------------
/etc/shorewall/interfaces
net  eth0  tcpflags,nosmurfs,routefilter=1,sourceroute=1
net  eth1  tcpflags,nosmurfs,routefilter=1,sourceroute=1
dmz  eth2  tcpflags,nosmurfs,routefilter=1,logmartians,sourceroute=1
---------------------------------------
When I do shorewall start the first time, everything is OK, but later I do shorewall
restart and get the error:
"ERROR: Command "ip -4 route replace 201.41.93.211 gateway 201.41.93.209"
And... when I need some IP to route to some alias IP, it only routes to
201.41.93.210, although I put "ip rule add from 172.16.0.35 table TELEF03",
but by IPLAN01 if it. I think it's because something is wrong with the
IP alias settings...
Thank you!!!
MarC
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
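
An added consistency check, not part of the original post and not Shorewall's own tooling: it cross-checks the posted /etc/shorewall/providers against /etc/shorewall/interfaces and against the routing tables that the post-up lines in /etc/network/interfaces also fill. The function names and finding labels are hypothetical, and the embedded text is constructed from the configuration quoted in the message.

```python
# Added example: the sample text is constructed from the configuration in the post.
PROVIDERS = """\
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY
TELEF01 1 1 main eth0:201.41.93.210 201.41.93.209 track,balance=1 eth3
TELEF02 2 2 main eth0:201.41.93.211 201.41.93.209 track,balance=0 eth3
TELEF03 3 3 main eth0:201.41.93.212 201.41.93.209 track,balance=0 eth3
TELEF04 4 4 main eth0:201.41.93.213 201.41.93.209 track,balance=0 eth3
IPLAN01 5 5 main eth1 200.41.183.22 track,balance=2 eth3
"""
SW_INTERFACES = """\
net eth0 tcpflags,nosmurfs,routefilter=1,sourceroute=1
net eth1 tcpflags,nosmurfs,routefilter=1,sourceroute=1
dmz eth2 tcpflags,nosmurfs,routefilter=1,logmartians,sourceroute=1
"""
# Three post-up lines from /etc/network/interfaces are enough to show the overlap check.
POST_UP = """\
post-up ip route add default via 201.41.93.209 table TELEF01
post-up ip rule add from 201.41.93.210 table TELEF01
post-up ip route add default via 200.41.183.22 table IPLAN01
"""

def rows(text):
    """Yield the whitespace-split fields of each non-blank, non-comment line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line.split()

def check(providers, sw_interfaces, post_up):
    """Return a sorted list of (kind, provider, detail) findings."""
    declared = {f[1] for f in rows(sw_interfaces)}      # interfaces Shorewall knows about
    manual = {f[i + 1] for f in rows(post_up)           # tables touched by post-up lines
              for i, w in enumerate(f[:-1]) if w == "table"}
    findings = []
    for f in rows(providers):
        name, iface = f[0], f[4].split(":")[0]          # "eth0:addr" -> "eth0"
        copy = f[7].split(",") if len(f) > 7 and f[7] != "-" else []
        if iface not in declared:
            findings.append(("undeclared-interface", name, iface))
        for c in copy:
            if c not in declared:
                findings.append(("undeclared-copy", name, c))
        if name in manual:
            findings.append(("table-also-set-in-post-up", name, name))
    return sorted(findings)

if __name__ == "__main__":
    for kind, provider, detail in check(PROVIDERS, SW_INTERFACES, POST_UP):
        print(f"{kind:28} {provider:8} {detail}")
```

On the posted files it reports eth3 in the COPY column of every provider as not declared in /etc/shorewall/interfaces, and TELEF01 and IPLAN01 as tables that both the post-up lines and the providers file populate.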