* [LARTC] 2 gateways - routing based in source address
@ 2007-05-27  4:21 Pablo Fernandes Yahoo
  2007-05-28 15:11 ` Marek Kierdelewicz
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: Pablo Fernandes Yahoo @ 2007-05-27  4:21 UTC (permalink / raw)
  To: lartc



Hello,

I have a Linux router, 2 internet accesses, 2 /24 IP ranges (as source
computers) and 3 interface cards.

(internet 2) 192.168.0.1 on eth0 [LINUX COMPUTER] 192.168.1.1 on eth1 (internet 1)
                                 10.1.0.1 on eth2 (customers)

The sources (customers) are:

10.20.0.0/24
10.30.0.0/24

I don't have IPs on these ranges in my Linux box. There is another router
under my Linux box in my topology, but these customers arrive on my eth2
interface. I do SNAT for these networks in my Linux box.

The gateways for internet access are:

192.168.0.254 on eth0
192.168.1.254 on eth1

I would like to have my customers of 10.20.0.0/24 going out through internet
2 and the customers on 10.30.0.0/24 going out through internet 1 (eth1).

Thanks for any help in advance.

Pablo Fernandes


_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc


* Re: [LARTC] 2 gateways - routing based in source address
  2007-05-27  4:21 [LARTC] 2 gateways - routing based in source address Pablo Fernandes Yahoo
@ 2007-05-28 15:11 ` Marek Kierdelewicz
  2007-05-29  4:32 ` Jorge Evangelista
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: Marek Kierdelewicz @ 2007-05-28 15:11 UTC (permalink / raw)
  To: lartc

>Hello,

>I don't have IPs on these ranges in my Linux box. There is another router
>under my Linux box in my topology, but these customers arrive on my
>eth2 interface. I do SNAT for these networks in my Linux box.
>...

What you need is simple source address based policy routing as
described here:
http://lartc.org/howto/lartc.rpdb.html

The example in the LARTC HOWTO is pretty straightforward. Many impolite
people would even say "RTFM".

Regards,
Marek Kierdelewicz
KoBa ISP

* Re: [LARTC] 2 gateways - routing based in source address
  2007-05-27  4:21 [LARTC] 2 gateways - routing based in source address Pablo Fernandes Yahoo
  2007-05-28 15:11 ` Marek Kierdelewicz
@ 2007-05-29  4:32 ` Jorge Evangelista
  2007-05-29 16:47 ` Pablo Fernandes Yahoo
  2007-05-30  1:28 ` Jorge Evangelista
  3 siblings, 0 replies; 5+ messages in thread
From: Jorge Evangelista @ 2007-05-29  4:32 UTC (permalink / raw)
  To: lartc

Hi Pablo,

You have to configure your Linux box similar to:

ip rule add from 10.20.0.0/24   to 0.0.0.0/0  table 100
ip route add default via 192.168.0.254  table 100

ip rule add from 10.30.0.0/24  to 0.0.0.0/0  table 200
ip route add default via 192.168.1.254 table 200




On 5/28/07, Marek Kierdelewicz <marek@piasta.pl> wrote:
> >Hello,
>
> >I don't have IPs on these ranges in my Linux box. There is another router
> >under my Linux box in my topology, but these customers arrive on my
> >eth2 interface. I do SNAT for these networks in my Linux box.
> >...
>
> What you need is simple source address based policy routing as
> described here:
> http://lartc.org/howto/lartc.rpdb.html
>
> The example in the LARTC HOWTO is pretty straightforward. Many impolite
> people would even say "RTFM".
>
> Regards,
> Marek Kierdelewicz
> KoBa ISP


-- 
"The network is the computer"

* Re: [LARTC] 2 gateways - routing based in source address
  2007-05-27  4:21 [LARTC] 2 gateways - routing based in source address Pablo Fernandes Yahoo
  2007-05-28 15:11 ` Marek Kierdelewicz
  2007-05-29  4:32 ` Jorge Evangelista
@ 2007-05-29 16:47 ` Pablo Fernandes Yahoo
  2007-05-30  1:28 ` Jorge Evangelista
  3 siblings, 0 replies; 5+ messages in thread
From: Pablo Fernandes Yahoo @ 2007-05-29 16:47 UTC (permalink / raw)
  To: lartc



Hi,

First of all, thank you for your help.

And how can I make all the traffic coming from anywhere with destination
port 80 or 443 go out by the gateway 192.168.1.254, while all the rest
goes out by 192.168.0.254?

I'm trying different ways here with ToS but it isn't working. Thank you for
any tip.

Regards

>Hi Pablo,
>
>You have to configure your Linux box similar to:
>
>ip rule add from 10.20.0.0/24   to 0.0.0.0/0  table 100
>ip route add default via 192.168.0.254  table 100
>
>ip rule add from 10.30.0.0/24  to 0.0.0.0/0  table 200
>ip route add default via 192.168.1.254 table 200


* Re: [LARTC] 2 gateways - routing based in source address
  2007-05-27  4:21 [LARTC] 2 gateways - routing based in source address Pablo Fernandes Yahoo
                   ` (2 preceding siblings ...)
  2007-05-29 16:47 ` Pablo Fernandes Yahoo
@ 2007-05-30  1:28 ` Jorge Evangelista
  3 siblings, 0 replies; 5+ messages in thread
From: Jorge Evangelista @ 2007-05-30  1:28 UTC (permalink / raw)
  To: lartc

Hi,

I have not tried it yet. I think that you have to make a rule similar to:

# Routing tables: 100 -> gateway 192.168.1.254, 200 -> gateway 192.168.0.254.
# No catch-all "from 0.0.0.0/0" rules for these tables: they would match
# unmarked packets (including replies) before the main table is consulted.
ip route add  default via  192.168.1.254  table 100 proto static
ip route add  default via  192.168.0.254  table 200 proto static

# Mark incoming packets for later routing
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark

# MARK does not stop rule traversal, so set the default mark first and
# let the port 80/443 rules override it.
iptables -A PREROUTING -t mangle -i eth2 -s 0.0.0.0/0  -j MARK --set-mark 2
iptables -A PREROUTING -t mangle -i eth2 -s 0.0.0.0/0  -p tcp --dport 80 -j MARK --set-mark 1
iptables -A PREROUTING -t mangle -i eth2 -s 0.0.0.0/0  -p tcp --dport 443 -j MARK --set-mark 1

ip rule add from all fwmark 1 table 100
ip rule add from all fwmark 2 table 200

# For NAT (eth0 and eth1 addresses as given in the original post)
IP_ETH0=192.168.0.1
IP_ETH1=192.168.1.1
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to $IP_ETH0
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to $IP_ETH1




On 5/29/07, Pablo Fernandes Yahoo <fernandes_pablo@yahoo.com.br> wrote:
> Hi,
>
> First of all, thank you for your help.
>
> And how can I make all the traffic coming from anywhere with destination
> port 80 or 443 go out by the gateway 192.168.1.254, while all the rest
> goes out by 192.168.0.254?
>
> I'm trying different ways here with ToS but it isn't working. Thank you for
> any tip.
>
> Regards
>
> >Hi Pablo,
> >
> >You have to configure your Linux box similar to:
> >
> >ip rule add from 10.20.0.0/24   to 0.0.0.0/0  table 100
> >ip route add default via 192.168.0.254  table 100
> >
> >ip rule add from 10.30.0.0/24  to 0.0.0.0/0  table 200
> >ip route add default via 192.168.1.254 table 200


-- 
"The network is the computer"

^ permalink raw reply	[flat|nested] 5+ messages in thread
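
Added example (not part of the original thread): a simplified model of how the routing policy database picks a table, covering both the source-based rules and the fwmark-based rules discussed in the replies above. The rule listings are constructed samples in `ip rule show` format, and `rpdb_table` is a hypothetical helper name.

```sh
# rpdb_table RULES SRC MARK: print the table chosen for a forwarded packet.
# RULES is `ip rule show` text; MARK is the hex form that command prints
# (0x1), or 0 for an unmarked packet. Simplifying assumptions: "local" never
# matches forwarded traffic and every other table holds a default route.
rpdb_table() {
  printf '%s\n' "$1" | sort -n | awk -v src="$2" -v mark="$3" '
    function ip2int(a,  o) {
      split(a, o, ".")
      return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    function in_cidr(a, cidr,  p, size) {
      split(cidr, p, "/")
      if (p[2] == "") p[2] = 32
      size = 2 ^ (32 - p[2])
      return int(ip2int(a) / size) == int(ip2int(p[1]) / size)
    }
    {
      from = "all"; fw = ""; table = ""
      for (i = 2; i < NF; i++) {
        if ($i == "from")   from  = $(i + 1)
        if ($i == "fwmark") fw    = $(i + 1)
        if ($i == "lookup") table = $(i + 1)
      }
      if (table == "" || table == "local") next
      if (from != "all" && !in_cidr(src, from)) next  # source selector
      if (fw != "" && (fw "") != (mark "")) next      # fwmark selector
      print table; exit                               # first match wins
    }'
}

# Constructed `ip rule show` listings (priorities are illustrative).
SRC_RULES='0: from all lookup local
32764: from 10.30.0.0/24 lookup 200
32765: from 10.20.0.0/24 lookup 100
32766: from all lookup main'

MARK_RULES='0: from all lookup local
32763: from all fwmark 0x2 lookup 200
32764: from all fwmark 0x1 lookup 100
32766: from all lookup main'

# MARK_RULES plus a catch-all rule that sorts ahead of main.
SHADOWED_RULES="$MARK_RULES
32765: from all lookup 200"

for m in 0x1 0x2 0; do
  echo "mark $m: $(rpdb_table "$MARK_RULES" 10.20.0.7 "$m")," \
       "with catch-all: $(rpdb_table "$SHADOWED_RULES" 10.20.0.7 "$m")"
done
```

On the router itself, `ip route get 198.51.100.1 from 10.20.0.7 iif eth2` asks the kernel the same question for a real packet (the destination here is a documentation address).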
