* [LARTC] Multiple gateways
From: aristo7514 aristo7514 @ 2005-06-10 12:54 UTC (permalink / raw)
  To: lartc

Hello,

Since I could not figure out my previous problem, let me ask in a different way.

I have 3 networks inside my LAN. They are 172.16.55.0/24 ,
172.16.56.0/24 and 172.16.57.0/24 respectively. They all use eth0 as
an alias.

I also have 2 uplinks to different ISPs. One of them is a leased line
and the other one is ADSL.

One of my uplinks is 81.8.120.18/30 with gateway 81.8.120.17 on eth1
and the other one is 172.18.10.30/24 with gateway 172.18.10.2 on eth3.

I am trying to split my internal networks to these two providers.

So,
iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -o eth1 -j MASQUERADE

iptables -t nat -A POSTROUTING -s 172.16.56.0/24 -o eth3 -j MASQUERADE

iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -o eth1 -j MASQUERADE

This is what I am trying to set up. I also looked at the lartc.org and
tried to implement split access.

ip route add default scope global nexthop via 81.8.124.17 dev eth1 weight 1 \
    nexthop via 172.18.10.2 dev eth3 weight 1

This command works if I ping from the Linux router itself. It chooses
a path and successfully returns ping results.

But the NAT does not work.
I got a message:

MASQUERADE : Route sent us somewhere else.

What would be the solution to this problem?

Best Regards,
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc


* Re: [LARTC] Multiple gateways
From: Edesio Costa e Silva @ 2005-06-10 13:23 UTC (permalink / raw)
  To: lartc

Hi!

I had a similar problem, two internal networks and two links. I had to apply
the patch at http://www.ssi.bg/~ja/routes-2.4.29-9.diff. It seems the
packets got a source address while masquerading and when they are routed
outbound the source address doesn't match the link address.

MAYBE, just MAYBE, the problem can also be solved if you use SNAT instead of
MASQUERADING.

I hope this helps.

Edésio

-- 
Grief can take care of itself, but to get the full value of a joy you must
have somebody to divide it with. -- Mark Twain

* Re: [LARTC] Multiple gateways
From: aristo7514 aristo7514 @ 2005-06-12 20:24 UTC (permalink / raw)
  To: lartc

Dear Edesio;

Thank you for your help.

I tried to download the patch and apply it to Fedora Core 2, but I got
lots of errors. I believe the patch is for kernel 2.4 and my kernel is
2.6.5. Either I need to find a distribution that uses kernel 2.4 or
try something else.

So far, I have changed my configuration a bit:

I have 2 DSL lines connected to ADSL modems, I am trying to split my
local networks between these two lines.

My uplinks are eth3 - 192.168.2.100 with gw 192.168.2.1 and eth1 -
192.168.3.100 with gw 192.168.3.1

Still same config for eth0


eth0 : 172.16.55.0/24
eth0:0 172.16.56.0/24
eth0:1 172.16.57.0/24
eth0:2 172.16.55.0/24

I tried SNAT with ip route:

iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -o eth1 -j SNAT --to-source 192.168.3.100

iptables -t nat -A POSTROUTING -s 172.16.56.0/24 -o eth3 -j SNAT --to-source 192.168.2.100

iptables -t nat -A POSTROUTING -s 172.16.57.0/24 -o eth1 -j SNAT --to-source 192.168.3.100

iptables -t nat -A POSTROUTING -s 172.16.58.0/24 -o eth3 -j SNAT --to-source 192.168.2.100

ip rule add from 192.168.3.100 table 10
ip rule add from 192.168.2.100 table 20

ip route add default via 192.168.3.1 dev eth1 table 10
ip route add default via 192.168.2.1 dev eth3 table 20

ip route add default via 192.168.3.1

This is where I got stuck.

Any more ideas? I am not trying to implement per-packet route sharing,
just simple source-based routing.

Best Regards,
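
[Added example, not part of the original message and not LARTC project code.] For forwarded packets Linux makes the routing decision before the nat POSTROUTING chain, so a rule such as "ip rule add from 192.168.3.100" only matches traffic the router itself sends; to steer a LAN subnet to an uplink, the rule has to match the LAN source address. The sketch below prints (does not run) a rule set built from the addresses, devices and table numbers in the message above; the pref values and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: source-based routing for the two-uplink setup described above.
# Addresses, devices and table numbers come from the message; the pref values
# and function names are assumptions of this sketch.
# One line per LAN subnet: subnet, uplink dev, uplink address, gateway, table.
PLAN='172.16.55.0/24 eth1 192.168.3.100 192.168.3.1 10
172.16.56.0/24 eth3 192.168.2.100 192.168.2.1 20
172.16.57.0/24 eth1 192.168.3.100 192.168.3.1 10
172.16.58.0/24 eth3 192.168.2.100 192.168.2.1 20'

# Fail if a subnet is listed twice: its second mapping would never be reached.
check_plan() {
    dup=$(printf '%s\n' "$PLAN" | awk '{print $1}' | sort | uniq -d)
    [ -z "$dup" ] || { echo "duplicate subnet: $dup" >&2; return 1; }
}

# Print the commands (dry run) so they can be reviewed before being applied.
gen_commands() {
    check_plan || return 1
    printf '%s\n' "$PLAN" | {
        seen=""
        while read -r net dev src gw table; do
            case " $seen " in
            *" $table "*) ;;
            *)  # Once per uplink: its own default route, plus a rule for
                # traffic the router itself sends from the uplink address.
                echo "ip route replace default via $gw dev $dev table $table"
                echo "ip rule add from $src lookup $table pref 200"
                seen="$seen $table" ;;
            esac
            # LAN-to-LAN traffic stays on the main table (connected routes).
            echo "ip rule add to $net lookup main pref 100"
            # Routing is decided before POSTROUTING, so match the original
            # LAN source here, not the SNAT address.
            echo "ip rule add from $net lookup $table pref 200"
            echo "iptables -t nat -A POSTROUTING -s $net -o $dev -j SNAT --to-source $src"
        done
    }
}

gen_commands
```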



* Re: [LARTC] Multiple gateways
From: gypsy @ 2005-06-13  5:37 UTC (permalink / raw)
  To: lartc

aristo7514 aristo7514 wrote:
> 
> Dear Edesio;
> 
> Thank you for your help.
> 
> I tried to download the patch and apply it to fedora core 2, but I got
> lots of errors. I believe the patch is for kernel 2.4 and my kernel is
> 2.6.5. Either, I need to find a distribution that uses kernel 2.4 or
> try something else.

That is because you downloaded the wrong patch for your kernel. 
Julian's site has the correct patch, so go find it.
--
gypsy
