[LARTC] ip rule: from source prefix

[LARTC] ip rule: from source prefix

[Rudi Starcevic]

Hi,

I've just setup my first Linux router and have run into a problem with 
the from source prefix when using `ip rule`.

If I set a from source prefix in my ip rules the two networks can see 
each other but the Linux router itself can
only ping 1 network.

/etc/iproute2/rt_tables

255     local
254     main
253     default
0       unspec
1       inr.ruhep

100     implan
200     inet

Here I set up two NICs:

ip addr add 192.168.2.7/24 dev eth0 brd +
ip addr add 192.168.3.7/24 dev eth1 brd +

Here I set up two routes:

ip route add default via 192.168.2.1 proto static table inet
ip route add 192.168.3/24 via 192.168.3.7 proto static table implan

Here I set up two rules:

ip rule add from 192.168.0.0/16 to 192.168.3/24 prio 16000 table implan
ip rule add from 192.168.2.0/24 to 0/0 prio 17000 table inet

Here set up forwarding
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

The only way I can get the two networks to see each other and the router 
able to
see 2 networks is to remove reference to the from source prefix in the 
ip rule like so

ip rule add to 192.168.3/24 prio 16000 table implan
ip rule add to 0/0 prio 17000 table inet

It's the same rule with now reference to the from source prefix.

Can you help explain how I set the from source prefix so the the two 
networks and the router
can all see/ping each other.

I hope I explain that OK.

Many thanks.
Kind regards,
Rudi.



_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/