From: "Mark Coetser" <mark@thummb.com>
To: netfilter@lists.netfilter.org
Subject: load balanced adsl lines
Date: Sun, 4 Jul 2004 12:52:02 +0200 [thread overview]
Message-ID: <01dc01c461b4$f0828670$fe00000a@citadel> (raw)
[-- Attachment #1: Type: text/plain, Size: 3049 bytes --]
Hi Ppl
I have 5 adsl lines that after reading quite a bit i managed to get load balanced now abvoiusly it doesnt load balance evenly and this works on what routes are still in the routing cache. my question is my outbound masquerading had to be modified to use snat in iptables instead of just plain masquerading my outbound masquerading now works but my inbound port forwarding doesnt work would this be an iptables problem or a routing issue...
i have opened all the relavent ports on each of the interfaces and I am not getting any logged denies the connection just never opens
I am running the following
debian woody
kernel 2.6.6
iptables v1.2.6a
Chain PREROUTING (policy ACCEPT 20 packets, 4483 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:10.0.0.12:110
0 0 DNAT tcp -- ppp1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:10.0.0.12:110
0 0 DNAT tcp -- ppp2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:10.0.0.12:110
0 0 DNAT tcp -- ppp3 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:10.0.0.12:110
0 0 DNAT tcp -- ppp4 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:10.0.0.12:110
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- ppp0 eth0 0.0.0.0/0 10.0.0.12 tcp dpt:110
0 0 ACCEPT tcp -- ppp1 eth0 0.0.0.0/0 10.0.0.12 tcp dpt:110
0 0 ACCEPT tcp -- ppp2 eth0 0.0.0.0/0 10.0.0.12 tcp dpt:110
0 0 ACCEPT tcp -- ppp3 eth0 0.0.0.0/0 10.0.0.12 tcp dpt:110
0 0 ACCEPT tcp -- ppp4 eth0 0.0.0.0/0 10.0.0.12 tcp dpt:110
ip rule list
0: from all lookup local
32761: from 165.165.170.110 lookup T5
32762: from 165.165.187.47 lookup T4
32763: from 165.165.189.95 lookup T3
32764: from 165.165.163.95 lookup T2
32765: from 165.165.179.151 lookup T1
32766: from all lookup main
32767: from all lookup default
ip route sh
165.165.160.1 dev ppp1 proto kernel scope link src 165.165.163.95
165.165.160.1 dev ppp3 proto kernel scope link src 165.165.187.47
165.165.160.1 dev ppp4 proto kernel scope link src 165.165.170.110
165.165.160.1 dev ppp0 proto kernel scope link src 165.165.179.151
165.165.160.1 dev ppp2 proto kernel scope link src 165.165.189.95
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.1
default
nexthop via 165.165.160.1 dev ppp0 weight 1
nexthop via 165.165.160.1 dev ppp1 weight 1
nexthop via 165.165.160.1 dev ppp2 weight 1
nexthop via 165.165.160.1 dev ppp3 weight 1
nexthop via 165.165.160.1 dev ppp4 weight 1
[-- Attachment #2: Type: text/html, Size: 7292 bytes --]
next reply other threads:[~2004-07-04 10:52 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-07-04 10:52 Mark Coetser [this message]
2004-07-05 2:30 ` load balanced adsl lines Ming-Ching Tiew
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='01dc01c461b4$f0828670$fe00000a@citadel' \
--to=mark@thummb.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.