To summarize, traffic does know anything about where it's been. There's no guarantee that traffic will go back the same route it came in; asymmetric routing is very common.
All a router knows is the IP address of the destination packet it needs to forward; it'll then use its routing information to select the next hop router, when then makes it's own independent decision. It's a little simplified :-) but pretty much the case. So yes - think both directions - how the request packet comes in, and how the response packet is routed back. Best, Justin On Jan 31, 2008 11:13 AM, Daren Tay <[EMAIL PROTECTED]> wrote: > Hi all, > > I've been toying with this mini project and have some quite interesting > findings... problem persist somehow... help would be appreciated. > btw.. these are for a web infrastructure setup purpose. > > Setup > ==== > > 01 x main router ---> this is the router that is to manage 2 different > subnet, and ensure that their outgoing traffic go by a fixed gateway, and > not just the default gateway. > 02 x laptop --> they simulate the 2 internal subnet > 02 x small routers (one linksys, one vyatta) ---> they simulate the > different subnet of the outgoing connection, the "gateways" > > For the main router: > ----------------------- > eth0: 192.168.2.1 /24 --> to small router (vyatta) > eth1: 192.168.3.1 /24 --> to small router (linksys) > eth2: 192.168.20.1 /24 --> laptop1 (192.168.20.2) > eth3: 192.168.30.1 /24 --> laptop2 (192.168.30.2) > > For the small routers > ------------------------ > :: vyatta :: > LAN --> 192.168.2.2 > WAN --> 192.168.1.232 > Gateway --> 192.168.1.1 > > :: linksys :: > LAN --> 192.168.3.2 > WAN --> 192.168.1.233 > Gateway --> 192.168.1.2 > > *Note: both gateways are separate ADSL modems > > So I go ahead and set them up normally, with default routing pointed to > either one. Everything works fine. > Both laptops can ping each other and can ping the gateway and beyond > (internet). No problem. So I attempt to test the ip tool. > > > IP Tool > ===== > Base on what was advice, I look through, tried and read... > > i create 2 ip route table (other than the default). > I added the following ip route: > ip route add default via 192.168.2.2 dev eth0 tab 1 > ip route add default via 192.168.3.2 dev eth1 tab 2 > > As you can see, table 1 is for routing out through the vyatta small router, > table 2 through the link sys small router. > > I then add the following: > ip rule add from 192.168.20.0/24 tab 1 priority 500 > ip rule add from 192.168.30.0/24 tab 2 priority 600 > > At this point, nothing works anymore. My 2 subnet cannot ping out anymore. > I then copied the entries from "ip route show" and put them into table1 and > table2. > This way, the routes for "ip route show", "ip route show table 1", "ip route > show table 2" are the same, except the default path. > Btw, there is no default path in "ip route show". > > > Problem > --------- > After doing the above... the default path via the linksys router works > fine... > but the vyatta (small router) totally cannot work. I can still ping both its > port (LAN and WAN), but nothing beyond. not even the 1.0 network with the > modems... I'm not sure why.. and I am hoping some kind folks may shed some > light on this. would appreciate this. The main vyatta router can ping > through all of them though. > > so far, Am I doing it correctly? > > > Another question though: > without going through this testing... incoming traffic to the 2 different > subnet will naturally go through their respective gateways. the question is > whether the outgoing traffic will go through the correct gateway, or just > the default gateway.. hence after getting advice from the good folks.. i > began testing.. > > but something just struck me... say i don't do any of these tests. i just > leave it be. so when people serve either websites (from the different > subnets), the DNS resolution will naturally bring them through the different > gateway and on to the appropriate subnet right? If that's the case, when the > request returns to the user, will it go back by the way it came from, or via > the default gateway...? > > My worry is that it will go through the default gateway, hence I asked about > this whole test. But thinking about it.. it can go back the way it come from > isn't it? > > Sorry about the lengthy question, networking amateur here :) > > Many thanks for the patience and interest! > Daren _______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
