From: Rudi Starcevic <tech@wildcash.com>
To: lartc@vger.kernel.org
Subject: [LARTC] ip rule: from source prefix
Date: Mon, 06 Dec 2004 00:16:46 +0000
Message-ID: <41B3A4EE.9080005@wildcash.com>
Hi,

I've just set up my first Linux router and have run into a problem with
the from source prefix when using `ip rule`.

If I set a from source prefix in my ip rules the two networks can see
each other but the Linux router itself can only ping 1 network.
/etc/iproute2/rt_tables
255 local
254 main
253 default
0 unspec
1 inr.ruhep
100 implan
200 inet
Here I set up two NICs:
ip addr add 192.168.2.7/24 dev eth0 brd +
ip addr add 192.168.3.7/24 dev eth1 brd +
Here I set up two routes:
ip route add default via 192.168.2.1 proto static table inet
ip route add 192.168.3/24 via 192.168.3.7 proto static table implan
Here I set up two rules:
ip rule add from 192.168.0.0/16 to 192.168.3/24 prio 16000 table implan
ip rule add from 192.168.2.0/24 to 0/0 prio 17000 table inet
Here I set up forwarding:
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
The only way I can get the two networks to see each other and the router
able to see 2 networks is to remove reference to the from source prefix
in the ip rule like so:
ip rule add to 192.168.3/24 prio 16000 table implan
ip rule add to 0/0 prio 17000 table inet
It's the same rule with no reference to the from source prefix.

Can you help explain how I set the from source prefix so that the two
networks and the router can all see/ping each other?

I hope I explained that OK.
Many thanks.
Kind regards,
Rudi.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/