From: Krystian Antoni <krystianantoni@gmail.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Routing by interface as opposed to ip address?
Date: Mon, 09 May 2005 16:08:07 +0000 [thread overview]
Message-ID: <258b6f705050909087aff2af4@mail.gmail.com> (raw)
In-Reply-To: <005301c5525c$10835b00$0603a8c0@JoeDevich>
[-- Attachment #1.1: Type: text/plain, Size: 2328 bytes --]
netfilter.org <http://netfilter.org> is a alias for
iptables.org<http://iptables.org>:-)
I haven't tested it becouse I was using an other way which I forgot to
mention.
You can MARK packets using iptables as comming from an interface and later
route by this MARK using normal routing technics.
Its all described in lartc.org <http://lartc.org> and took me half a day to
get it working without knowing anything :-)
On 5/9/05, Joe Devich <joe@mosaix.net> wrote:
> OK, thanks. Researching your answer also turned me on the netfilter.org<http://netfilter.org/>website, which I didn't know about. Have you used/tested the ROUTE patch?
>
> Regards,
>
> Joe
>
> -----Original Message-----
> *From:* Krystian Antoni [mailto:krystianantoni@gmail.com]
> *Sent:* Sunday, May 08, 2005 12:52 PM
> *To:* Joe Devich
> *Subject:* Re: [LARTC] Routing by interface as opposed to ip address?
>
> there is a iptables target module named ROUTE. it can help u
>
> On 5/6/05, *Joe Devich* <joe@mosaix.net> wrote:
>
> Hello all,
>
> Does anyone know of a methodology to build a route based on the inbound
> and outbound interfaces as opposed to ip addresses? We are essentially
> trying to forward packets from one interface to another without looking
> at the ip address. Bridging (brctl, br2684ctl) will not work in this
> case as the interfaces use different layer 2 encapsulation (e.g.,
> atm0<=>eth0, or ppp0<=>eth0).
>
> We could build a rule to match the incoming interface, then point to a
> routing table with a default route set to the outbound interface. The
> problem, with this approach is the limit of 255 routing tables in
> iproute2. Presumably, it would consume 2 routing tables for each
> "connection" (one forward, one reverse). We need more than 126
> "connections" per box.
>
> Some commercial routers allow policy routing using only the interfaces
> with ACL's, but it's not clear how this could be implemented in linux.
> We use debian (2.4 kernel) distro with iproute2, iptables, etc. Any
> suggestions would be most welcome.
>
> Cheers,
>
> Joe Devich
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
>
>
>
> --
> Miłego Dnia
> Krystian Antoni
>
--
Miłego Dnia
Krystian Antoni
[-- Attachment #1.2: Type: text/html, Size: 5210 bytes --]
[-- Attachment #2: Type: text/plain, Size: 143 bytes --]
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
prev parent reply other threads:[~2005-05-09 16:08 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-05-06 16:53 [LARTC] Routing by interface as opposed to ip address? Joe Devich
2005-05-09 16:08 ` Krystian Antoni [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=258b6f705050909087aff2af4@mail.gmail.com \
--to=krystianantoni@gmail.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.