From: Alex Samad <alex@samad.com.au>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Re: multiple routing tables for internal router programs
Date: Thu, 14 Jun 2007 04:23:14 +0000 [thread overview]
Message-ID: <20070614042314.GD5364@samad.com.au> (raw)
In-Reply-To: <Pine.LNX.4.64.0706111505070.3751@tigger.tntechs.com>
[-- Attachment #1.1: Type: text/plain, Size: 4033 bytes --]
On Thu, Jun 14, 2007 at 11:50:30AM +0800, Salim S I wrote:
> I solved it, thought a bit ugly.
>
> Have two more rules now in ip ru
>
> 32150: from all lookup main
> 32201: from all fwmark 0x200/0x200 lookup wan1_route
> 32202: from all fwmark 0x400/0x400 lookup wan2_route
> 32203: from 10.20.0.137 lookup wan1_route
> 32204: from 10.2.3.107 lookup wan2_route
> 32205: from all lookup catch_all
> 32766: from all lookup main
>
> I did not like to include WAN IP anywhere, coz it may be dynamic, but
> well, seems like no choice.
ran into the same problem, I capture the link information at ip-up time for
ppp/pppoe and dhcp time for cable modem, then I fire off a scrip that pulls
down all the ip ru & ip ro and builds it from scratch (as well as the
specialised iptables rules as well). This should only happen when I loose a
connection so should be okay
>
> And then two rules in OUTPUT chain
> Iptables -t mangle -A OUTPUT -o eth2 -j LB1
> Iptables -t mangle -A OUTPUT -o eth3 -j LB2
>
> -----Original Message-----
> From: lartc-bounces@mailman.ds9a.nl
> [mailto:lartc-bounces@mailman.ds9a.nl] On Behalf Of Salim S I
> Sent: Wednesday, June 13, 2007 12:08 PM
> To: 'Peter Rabbitson'
> Cc: lartc@mailman.ds9a.nl
> Subject: RE: [LARTC] Re: multiple routing tables for internal router
> programs
>
> My configuration
>
> root@127.0.0.1:~# ip ru
> 0: from all lookup local
> 32150: from all lookup main
> 32201: from all fwmark 0x200/0x200 lookup wan1_route
> 32202: from all fwmark 0x400/0x400 lookup wan2_route
> 32203: from all lookup catch_all
> 32766: from all lookup main
> 32767: from all lookup default
>
> root@127.0.0.1:~# ip ro li ta main
> 192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.254
> 10.20.0.0/24 dev eth2 proto kernel scope link src 10.20.0.137
> 192.168.1.0/24 dev eth10 proto kernel scope link src 192.168.1.254
> 10.2.3.0/24 dev eth3 proto kernel scope link src 10.2.3.107
> 127.0.0.0/8 dev lo scope link
>
> root@127.0.0.1:~# ip ro li ta wan1_route
> default via 10.20.0.1 dev eth2 proto static
> root@127.0.0.1:~# ip ro li ta wan2_route
> default via 10.2.3.254 dev eth3 proto static
>
> root@127.0.0.1:~# ip ro li ta catch_all
> default proto static
> nexthop via 10.20.0.1 dev eth2 weight 1
> nexthop via 10.2.3.254 dev eth3 weight 1
>
> The catch_all table comes into play only for local packets. All
> forwarded packets are marked in mangle PREROUTING, with 0x200 0r 0x400.
>
> If not loadblancing ping script, there maybe other apps using domain
> names instead of IP address, they might still fail, right?
>
> The problem happens when one of the link goes down (not the nexthop,but
> after that). Then the kernel will pick an interface and wrong src IP for
> local packets.
>
>
> -----Original Message-----
> From: Peter Rabbitson [mailto:rabbit@rabbit.us]
> Sent: Tuesday, June 12, 2007 7:24 PM
> To: Salim S I
> Cc: lartc@mailman.ds9a.nl
> Subject: Re: [LARTC] Re: multiple routing tables for internal router
> programs
>
> Salim S I wrote:
> > Thanks! I get it now.
> > But why the src address for the interface is wrong?
> > In my case eth2 has a.b.c.d and eth3 has p.q.r.s.
> >
> > DNS queries going through eth2 has p.q.r.s as src address and those
> > going through eth3 has a.b.c.d. Something wrong with routing?
>
> Possible. Post full configuration and someone might be able to help.
>
> > I was wondering, how the ping script (to check the lonk status) of
> > others work id domain name is used.
>
> Don't know about others, and I personally use ip addresses :)
>
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
[-- Attachment #1.2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
[-- Attachment #2: Type: text/plain, Size: 143 bytes --]
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next prev parent reply other threads:[~2007-06-14 4:23 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-06-11 19:06 [LARTC] Re: multiple routing tables for internal router programs Tom Diehl
2007-06-11 19:23 ` Javier Charne
2007-06-12 7:59 ` Andrea
2007-06-12 8:09 ` Salim S I
2007-06-12 9:01 ` Peter Rabbitson
2007-06-12 9:15 ` Andrea
2007-06-12 9:29 ` Peter Rabbitson
2007-06-12 9:49 ` Salim S I
2007-06-12 10:02 ` Peter Rabbitson
2007-06-12 10:10 ` Andrea
2007-06-12 10:20 ` Salim S I
2007-06-12 11:23 ` Peter Rabbitson
2007-06-13 4:08 ` Salim S I
2007-06-14 3:50 ` Salim S I
2007-06-14 4:23 ` Alex Samad [this message]
2007-06-14 7:26 ` Peter Rabbitson
2007-06-14 10:34 ` Salim S I
2007-06-15 3:26 ` Salim S I
2007-06-15 6:00 ` Peter Rabbitson
2007-06-15 6:01 ` Peter Rabbitson
2007-06-15 6:21 ` Salim S I
2007-06-15 6:29 ` Peter Rabbitson
2007-06-15 9:36 ` Salim S I
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070614042314.GD5364@samad.com.au \
--to=alex@samad.com.au \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.