* [LARTC] General Traffic Control Question
@ 2005-06-08 1:24 Cal Spadoni
2005-06-08 2:41 ` Jon
2005-06-08 2:55 ` Jody Shumaker
0 siblings, 2 replies; 3+ messages in thread
From: Cal Spadoni @ 2005-06-08 1:24 UTC (permalink / raw)
To: lartc
Here's my situation:
I've got an Intel machine running a 2.6.9 linux kernel and this box has
4 modems attached to it via a usb to serial port expander. In order to
force data down each of the modems, some pretty simple rules are used
and they are as follows:
iptables -t mangle -A OUTPUT -p tcp --dport $PORT1 -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -p tcp --dport $PORT2 -j MARK --set-mark 2
iptables -t mangle -A OUTPUT -p tcp --dport $PORT3 -j MARK --set-mark 3
iptables -t mangle -A OUTPUT -p tcp --dport $PORT4 -j MARK --set-mark 4
ip rule add fwmark 1 table isp1
ip rule add fwmark 2 table isp2
ip rule add fwmark 3 table isp3
ip rule add fwmark 4 table isp4
ip route add default via $GWIPADDR dev ppp0 table isp1
ip route add default via $GWIPADDR dev ppp1 table isp2
ip route add default via $GWIPADDR dev ppp2 table isp3
ip route add default via $GWIPADDR dev ppp3 table isp4
$PORT1 thru $PORT4 are unique and $GWIPADDR is the same for all 4 ppp links.
Using these rules, data going out of my Intel box is shaped nicely based
on looking at the transmit columns in /proc/net/dev.
On the receive side, all of the traffic is coming down the only kernel
default route, which is ppp0, and this is the problem.
Is there a way to use iptables to force answers for data going out a
given ppp link to be returned using the same link?
Thanks in advance for your help!!
- Cal
cspadoni@cornerturn.com
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
* Re: [LARTC] General Traffic Control Question
2005-06-08 1:24 [LARTC] General Traffic Control Question Cal Spadoni
@ 2005-06-08 2:41 ` Jon
2005-06-08 2:55 ` Jody Shumaker
1 sibling, 0 replies; 3+ messages in thread
From: Jon @ 2005-06-08 2:41 UTC (permalink / raw)
To: lartc
On Tue, June 7, 2005 18:24, Cal Spadoni said:
> Here's my situation:
>
> I've got an Intel machine running a 2.6.9 linux kernel and this box has
> 4 modems attached to it via a usb to serial port expander. In order to
> force data down each of the modems, some pretty simple rules are used
> and they are as follows:
>
> iptables -t mangle -A OUTPUT -p tcp --dport $PORT1 -j MARK --set-mark 1
> iptables -t mangle -A OUTPUT -p tcp --dport $PORT2 -j MARK --set-mark 2
> iptables -t mangle -A OUTPUT -p tcp --dport $PORT3 -j MARK --set-mark 3
> iptables -t mangle -A OUTPUT -p tcp --dport $PORT4 -j MARK --set-mark 4
>
> ip rule add fwmark 1 table isp1
> ip rule add fwmark 2 table isp2
> ip rule add fwmark 3 table isp3
> ip rule add fwmark 4 table isp4
>
> ip route add default via $GWIPADDR dev ppp0 table isp1
> ip route add default via $GWIPADDR dev ppp1 table isp2
> ip route add default via $GWIPADDR dev ppp2 table isp3
> ip route add default via $GWIPADDR dev ppp3 table isp4
>
> $PORT1 thru $PORT4 are unique and $GWIPADDR is the same for all 4 ppp
> links.
>
> Using these rules, data going out of my Intel box is shaped nicely based
> on looking at the transmit columns in /proc/net/dev.
>
> On the receive side, all of the traffic is coming down the only kernel
> default route, which is ppp0, and this is the problem.
>
> Is there a way to use iptables to force answers for data going out a
> given ppp link to be returned using the same link?
>
> Thanks in advance for your help!!
>
> - Cal
>
> cspadoni@cornerturn.com
>
Perhaps ip_connmark is what you're looking for.
--
Regards,
Jon
* Re: [LARTC] General Traffic Control Question
2005-06-08 1:24 [LARTC] General Traffic Control Question Cal Spadoni
2005-06-08 2:41 ` Jon
@ 2005-06-08 2:55 ` Jody Shumaker
1 sibling, 0 replies; 3+ messages in thread
From: Jody Shumaker @ 2005-06-08 2:55 UTC (permalink / raw)
To: lartc
Jon wrote:
>On Tue, June 7, 2005 18:24, Cal Spadoni said:
>
>
>>Here's my situation:
>>[Snip]
>>Is there a way to use iptables to force answers for data going out a
>>given ppp link to be returned using the same link?
>>
>>Thanks in advance for your help!!
>>
>>- Cal
>>
>>cspadoni@cornerturn.com
>>
>>
>>
>
>Perhaps ip_connmark is what you're looking for.
>
>--
>Regards,
>Jon
>
>
>
Nah, the issue is sending out data from all 4 ppp interfaces with the
same source IP; obviously the data is all going to be sent back to that
one IP. The other end of the connections is sending down only 1 of the 4
ppp interfaces. If all 4 ppp interfaces truly do have the same IP, then
nothing can be done locally; it has to be done on the other end of the 4
ppp interfaces. However, if each of the 4 ppp interfaces does have a
different IP, you could use some NAT and load balancing. There's a
rather helpful FAQ here:
http://lartc.org/howto/lartc.rpdb.multiple-links.html
Using that method, the source IP will be cycled between the 4 for new
connections, attempting to keep them load balanced.
- Jody
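
The case described in the reply above, where each ppp link has its own address, as an added example that is not part of the original thread: a dry-run generator that keeps the per-port marks and isp1..isp4 tables from the first message and adds a per-interface SNAT rule so replies are addressed to the link the packet left on. The addresses, gateway and ports are constructed sample values, the function names are hypothetical, and the table names are assumed to be defined in /etc/iproute2/rt_tables; it pins ports to links and does not do the source cycling of the linked FAQ.

```sh
#!/bin/sh
# Added example: prints the commands only, changes nothing on the host.
# Constructed sample data, one link per line: iface local_ip gateway table dport
LINKS='ppp0 192.0.2.10 198.51.100.1 isp1 5001
ppp1 192.0.2.11 198.51.100.1 isp2 5002
ppp2 192.0.2.12 198.51.100.1 isp3 5003
ppp3 192.0.2.13 198.51.100.1 isp4 5004'

# Succeeds only if every link has its own local address. If two links
# share one, the peer cannot tell them apart and nothing local will help.
distinct_sources() {
    printf '%s\n' "$1" | awk 'NF && seen[$2]++ { dup = 1 } END { exit dup }'
}

# Emit mark, rule, route and SNAT commands for each link.
gen_rules() {
    if ! distinct_sources "$1"; then
        echo "links share a source address; fix the return path at the far end" >&2
        return 1
    fi
    mark=0
    printf '%s\n' "$1" | while read -r ifc ip gw table port; do
        [ -n "$ifc" ] || continue
        mark=$((mark + 1))
        # Steer locally generated traffic for this port into the link's table.
        echo "iptables -t mangle -A OUTPUT -p tcp --dport $port -j MARK --set-mark $mark"
        echo "ip rule add fwmark $mark table $table"
        # Traffic already bound to the link's address uses the same table.
        echo "ip rule add from $ip table $table"
        echo "ip route add default via $gw dev $ifc table $table"
        # The source address was chosen before the mark rerouted the packet,
        # so rewrite it to the address of the interface actually used.
        echo "iptables -t nat -A POSTROUTING -o $ifc -j SNAT --to-source $ip"
    done
}

gen_rules "$LINKS"
```
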