* [LARTC] multiple routing tables for internal router programs
@ 2007-06-11 15:20 Andrea
  2007-06-11 19:01 ` Javier Charne
  0 siblings, 1 reply; 2+ messages in thread
From: Andrea @ 2007-06-11 15:20 UTC (permalink / raw)
  To: lartc

Maybe a strange request, I'll try to explain this as clearly as I can 
(forgive my bad English, please  :-)  ).

I'm setting a Linux box as a router. My router uses multiple routing 
tables, so I can address the traffic from specific IP addresses of my 
LAN to distinct ISP providers (specifying a different default gateway 
for each table), marking packets with iptables (prerouting marks).

This works with the forwarding traffic (lan-ISPs) that crosses my router.

But how can I reach the same result for programs/services that are 
working INTO the Linux box? All I want is that a program (ping, for 
example, or a VOIP server, better) uses a secondary routing table in 
the same machine. In this mode, I can manipulate route settings for 
different classes of program in my router.

Is it possible?

Thanks
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc


* Re: [LARTC] multiple routing tables for internal router programs
  2007-06-11 15:20 [LARTC] multiple routing tables for internal router programs Andrea
@ 2007-06-11 19:01 ` Javier Charne
  0 siblings, 0 replies; 2+ messages in thread
From: Javier Charne @ 2007-06-11 19:01 UTC (permalink / raw)
  To: lartc

Andrea wrote:
> Maybe a strange request, I'll try to explain this as clearly as I can
> (forgive my bad English, please  :-)  ).
>
Is replying in Spanish allowed on this list?
> I'm setting a Linux box as a router. My router uses multiple routing
> tables, so I can address the traffic from specific IP addresses of my
> LAN to distinct ISP providers (specifying a different default gateway
> for each table), marking packets with iptables (prerouting marks).
>
> This works with the forwarding traffic (lan-ISPs) that crosses my router.
>
> But how can I reach the same result for programs/services that are
> working INTO the Linux box? All I want is that a program (ping, for
> example, or a VOIP server, better) uses a secondary routing table in
> the same machine. In this mode, I can manipulate route settings for
> different classes of program in my router.
>

What you can do is "mark" the packets using iptables -t mangle
and then define rules (ip rule) to route each packet, according to
its mark, through the tables (ip route) you have defined.

For example:
You define a table with its gateway (one of your connections), and add to
it the networks that you need to be "known" in the table:

ip route add 127.0.0.0/8   dev lo          scope link table 100
ip route add $NET_INTERNA  dev $IF_INTERNA scope link table 100
ip route add $NET_ADSL1    dev $IF_ADSL2   scope link table 100
ip route add $NET_ADSL2    dev $IF_ADSL2   scope link table 100
ip route add default dev $IF_ADSL2 via $GW_ADSL2 table 100


You define a rule so that every packet marked with a 1 uses that routing
table (goes out through that gateway...)

ip rule add fwmark 1 table 100

And also, you mark with a 1 every packet that you want to use that table
(for example, web traffic):

iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 1


I hope this helps.
Regards!

Javier.-
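
Added example, not part of Javier's message: packets generated by programs on the router itself do not traverse PREROUTING; they pass through the mangle OUTPUT chain, where the owner match can select them by the account the program runs as. The script below prints (without running) the commands for that case, reusing mark 1 and table 100 from the reply; the account name voip, interface eth2 and gateway 192.0.2.1 are constructed placeholders, and the MASQUERADE and rp_filter steps are assumptions about a typical two-uplink setup.

```shell
#!/bin/sh
# Added example: policy-route traffic generated ON the router by one account.
# Prints the commands for review instead of running them.

# emit_local_policy_route USER MARK TABLE DEV GW
emit_local_policy_route() {
    [ $# -eq 5 ] || { echo "usage: USER MARK TABLE DEV GW" >&2; return 2; }
    user=$1 mark=$2 table=$3 dev=$4 gw=$5

    # Mark and table id must be plain decimal numbers.
    for n in "$mark" "$table"; do
        case $n in
            ''|*[!0-9]*) echo "not a number: '$n'" >&2; return 2 ;;
        esac
    done
    # The output is meant to be fed to a root shell, so reject anything
    # outside a conservative character set in the remaining fields.
    for s in "$user" "$dev" "$gw"; do
        case $s in
            ''|*[!A-Za-z0-9_.:-]*) echo "bad value: '$s'" >&2; return 2 ;;
        esac
    done

    # 1. Alternate table with its own default route (second uplink).
    echo "ip route add default via $gw dev $dev table $table"
    # 2. Packets carrying the mark are looked up in that table.
    echo "ip rule add fwmark $mark table $table"
    # 3. Locally generated packets are marked in mangle OUTPUT, selected by
    #    the UID of the sending process; the kernel re-routes after marking.
    echo "iptables -t mangle -A OUTPUT -m owner --uid-owner $user -j MARK --set-mark $mark"
    # 4. The source address was chosen before the mark existed, so rewrite
    #    it to the address of the interface the packet now leaves through.
    echo "iptables -t nat -A POSTROUTING -o $dev -m mark --mark $mark -j MASQUERADE"
    # 5. Loose reverse-path filtering so replies arriving on this uplink
    #    are not dropped (the main table points elsewhere).
    echo "sysctl -w net.ipv4.conf.$dev.rp_filter=2"
}

# Constructed placeholders: account "voip", uplink eth2, gateway 192.0.2.1.
emit_local_policy_route voip 1 100 eth2 192.0.2.1
```

To apply the result, review the printed commands and run them as root; the account given to --uid-owner has to exist when the rule is added.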
