* [LARTC] Routing based on source address
@ 2006-05-31 13:07 Joost Kraaijeveld
  2006-05-31 14:38 ` Erez D
  2006-05-31 15:23 ` Martin A. Brown
  0 siblings, 2 replies; 3+ messages in thread
From: Joost Kraaijeveld @ 2006-05-31 13:07 UTC (permalink / raw)
  To: lartc

Hi,

Is it possible to create a routing rule that depends on the source
host/network, besides the target host/network?

E.g. route everything from 192.168.0.x to 10.0.0.1, and route everything
from 192.168.1.x to 10.0.0.1.

TIA

-- 
Groeten,

Joost Kraaijeveld
Askesis B.V.
Molukkenstraat 14
6524NB Nijmegen
tel: 024-3888063 / 06-51855277
fax: 024-3608416
web: www.askesis.nl
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc


* Re: [LARTC] Routing based on source address
  2006-05-31 13:07 [LARTC] Routing based on source address Joost Kraaijeveld
@ 2006-05-31 14:38 ` Erez D
  2006-05-31 15:23 ` Martin A. Brown
  1 sibling, 0 replies; 3+ messages in thread
From: Erez D @ 2006-05-31 14:38 UTC (permalink / raw)
  To: lartc



yes,

see my posting at http://mailman.ds9a.nl/pipermail/lartc/2006q2/018843.html
erez.


On 5/31/06, Joost Kraaijeveld <J.Kraaijeveld@askesis.nl> wrote:
>
> Hi,
>
> Is it possible to create a routing rule that depends on the source
> host/network, besides the target host/network?
>
> E.g. route everything from 192.168.0.x to 10.0.0.1, and route everything
> from 192.168.1.x to 10.0.0.1.
>
> TIA
>
> --
> Groeten,
>
> Joost Kraaijeveld
> Askesis B.V.
> Molukkenstraat 14
> 6524NB Nijmegen
> tel: 024-3888063 / 06-51855277
> fax: 024-3608416
> web: www.askesis.nl
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>


* Re: [LARTC] Routing based on source address
  2006-05-31 13:07 [LARTC] Routing based on source address Joost Kraaijeveld
  2006-05-31 14:38 ` Erez D
@ 2006-05-31 15:23 ` Martin A. Brown
  1 sibling, 0 replies; 3+ messages in thread
From: Martin A. Brown @ 2006-05-31 15:23 UTC (permalink / raw)
  To: lartc


Joost,

 : Is it possible to create a routing rule that depends on the 
 : source host/network, besides the target host/network?
 : 
 : E.g. route everything from 192.168.0.x to 10.0.0.1, and route 
 : everything from 192.168.1.x to 10.0.0.1.

Yes.  If I understand your question correctly, you have described a 
classic case of policy routing.  Policy routing allows you to use 
packet attributes and meta-attributes other than the destination 
IP/network for route selection.  These documents [0] and [1] are a 
few years old, but everything described still functions this way.

You will want to learn about how to use the routing policy database 
(RPDB) and then you'll need to create multiple routing tables.  The 
RPDB controls whether and which of the routing tables is selected 
based on things like Type of Service (ToS), source address, 
netfilter mark and/or ingress interface.

And here are two tips:

  A. turn off reverse path filtering [2]
  B. think about the return path of packets, too

Forgetting to account for the return path of packets seems to be a 
commonly encountered problem when implementing policy routing 
solutions.  I suggest the copy_routing_table shell function [3], 
which can be run like this:

  # printf "%s %s\n" 5 provider_b >> /etc/iproute2/rt_tables
  # copy_routing_table provider_b

Now, there's an exact copy of the main routing table in the routing 
table provider_b (number 5).  Next step is to change the default 
route for that routing table:

  # ip route change default table provider_b via 10.0.0.1
  # ip rule add from 192.168.0.0/24 table provider_b
  # ip rule add from 192.168.1.0/24 table provider_b

Good luck,

-Martin

 [0] http://linux-ip.net/html/routing-rpdb.html
 [1] http://linux-ip.net/html/routing-selection.html
 [2] http://lartc.org/howto/lartc.kernel.html#LARTC.KERNEL.RPF

 [3] function for copying a routing table

     # - - - - - - - - - - -
       copy_routing_table () {
     # - - - - - - - - - - -
     #
     # -- accepts at least one parameter:
     #
     #    $1:  table identifier for the routing table to create
     #    $2:  optional source table identifier
     #
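       test "$#" -lt "1"     && return
       DTABLE="$1"
     
       # -- default to the main table; assigned on every call so a value
       #    left over from an earlier invocation is never reused
       STABLE="${2:-main}"
     
       ip route flush table "$DTABLE"
       ip route show table "$STABLE" | while read -r ROUTE ; do
           # -- $ROUTE stays unquoted: each word is a separate argument
           ip route add table "$DTABLE" $ROUTE
       done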
     
     }


-- 
Martin A. Brown
http://linux-ip.net/
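
Added example (not part of Martin's message and not iproute2 code): a POSIX shell helper that reads `ip rule show` output and lists, in priority order, the routing tables the RPDB would consult for a given source address, which is a quick way to audit which sources are diverted to provider_b. The rule listing is constructed to match the two `ip rule add` commands above, the function names are hypothetical, and only plain `from ... lookup ...` rules are handled.

```shell
#!/bin/sh
# Constructed sample: rules as `ip rule show` would list them after the two
# `ip rule add from ... table provider_b` commands in the message above.
SAMPLE_RULES='0: from all lookup local
32764: from 192.168.1.0/24 lookup provider_b
32765: from 192.168.0.0/24 lookup provider_b
32766: from all lookup main
32767: from all lookup default'

# ip_to_int A.B.C.D -> prints the address as a 32-bit integer
ip_to_int () {
    _oldifs=$IFS; IFS=.
    set -- $1
    IFS=$_oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_prefix ADDR SELECTOR -> succeeds if ADDR matches "all" or a.b.c.d[/len]
in_prefix () {
    [ "$2" = "all" ] && return 0
    _net=${2%/*}; _len=32
    case $2 in */*) _len=${2#*/} ;; esac
    [ "$_len" -eq 0 ] && return 0
    _mask=$(( (0xFFFFFFFF << (32 - _len)) & 0xFFFFFFFF ))
    [ $(( $(ip_to_int "$1") & _mask )) -eq $(( $(ip_to_int "$_net") & _mask )) ]
}

# tables_for_source ADDR [RULES] -> tables consulted, lowest priority number first
tables_for_source () {
    _src=$1; _rules=${2:-$SAMPLE_RULES}; _out=
    while read -r _prio _kw _sel _action _table _rest; do
        # skip anything that is not "from <selector> lookup <table>"
        [ "$_kw" = "from" ] && [ "$_action" = "lookup" ] || continue
        in_prefix "$_src" "$_sel" && _out="$_out $_table"
    done <<EOF
$(printf '%s\n' "$_rules" | sort -n)
EOF
    echo "${_out# }"
}

# Stand-alone run: show the lookup order for one diverted and one normal source
for src in 192.168.0.7 192.168.2.5; do
    echo "$src -> $(tables_for_source "$src")"
done
```

On a live system, pass the real rules as the second argument: `tables_for_source 192.168.0.7 "$(ip rule show)"`.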
