From mboxrd@z Thu Jan 1 00:00:00 1970 From: Raphael Benedet Date: Wed, 10 Mar 2004 15:34:22 +0000 Subject: Re: [LARTC] multipath route inbound port forward Message-Id: <404F357E.3060403@raph.com> List-Id: References: <000001c40689$4c65e950$0100a8c0@newlife> In-Reply-To: <000001c40689$4c65e950$0100a8c0@newlife> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Hi, I had the same problem some time ago, I couldn't have DNAT working onmy second interface. Could you please post all your routing tables? And also, what are your connections? Both PPP? PPPoE? ... Best Regards, Raphael Benedet 3D Artists - raph.com "bringing art into the third dimension" Ming-Ching Tiew wrote: > I have two external IPs ( OUTSIDE_IP and OUTSIDE_IP2 ) and > I have already set them up using multipath routing and the outbound > nat traffic seems to be working fine, there is certain amount > of traffic split between the two external links. > > But when checking the inbound port forwarding, only the port forwarding > on the first link is working, the in bound to the second is not working. > > These are the port forwarding rules I make :- > > For the first link :- > > iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport 80 -j > DNAT --to ${SERVER}:80 > iptables -A FORWARD -p tcp -d ${SERVER} --dport 801 -o ${INSIDE_DEVICE} -j > ACCEPT > > For the second link, it is identical :- > > iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP2} --dport 80 -j > DNAT --to ${SERVER}:80 > iptables -A FORWARD -p tcp -d ${SERVER} --dport 801 -o ${INSIDE_DEVICE} -j > ACCEPT > > The second 'iptables -A FORWARD ...... ' is a repeat but it is done anyway > ( which I > believe should be no hard ). > > A check on the 'iptables -n -L' and 'iptables -t nat -n -L' revealed that > the setting were indeed exist. > > Anything which i missed out which causes the inbound port forward only > working > on the first link but not on the second link ? > > > > > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > > _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/