From: Paco Brufal <pbrufal@mutoid.org>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] routing to two interfaces
Date: Thu, 21 Nov 2002 00:27:00 +0000 [thread overview]
Message-ID: <marc-lartc-103783851915275@msgid-missing> (raw)
In-Reply-To: <marc-lartc-103783300809624@msgid-missing>
On nov/20/2002, Martin A. Brown wrote:
> packet belongs to a session inbound over eth1 or eth2. This is the
> statelessness of IP routing!
I'm thinking in one possibility, but I'm really new with iproute and
I don't know if it is possible...
eth0 has the IP 10.10.10.1, and I create an alias eth0:1 with IP
10.10.10.2. With 'ip', I route packets from eth1 to eth0, and packets from
eth2 to eth0:1. When these packets returns from the LAN, they go to an
especific IP (10.10.10.1 or 10.10.10.2). Then I mark these packets with
iptables (maybe in PREROUTING?), i.e., packets to eth0 with mark X, and
packets to eth0:1 with mark Y, and route these packets with 'ip route'
looking the mark of the packet (mark X -> eth1, mark Y -> eth2). The last
action is to MASQUERADE the packets for each interface...
> In order to make any recommendation, we would need to know what the IP
> address ranges are and specifically why/how Paco envisions using these
> two links.
The two public interfaces aren't in the same range (80.37... and
80.59...). The purpose of this Linux box is to provide high availability to
several servers, but the two public interfaces of this box may work at the
same time. eth1 handles DNS traffic, and eth2 handles SMTP and HTTP
traffic. When one of the link goes down, the other may take all traffic (we
detect the link-down and change the DNS to point to the working interface).
--
...Bonkers (Stunned Guys Mix). The Riders. 1996
--- Debian + Mutt + Postfix
* Origin: Web Page: http://pbrufal.kleenux.org (Fido 2:346/7.68)
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2002-11-21 0:27 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-11-20 22:55 [LARTC] routing to two interfaces Paco Brufal
2002-11-20 23:05 ` Martin A. Brown
2002-11-20 23:26 ` Robert Felber
2002-11-20 23:34 ` Robert Felber
2002-11-20 23:45 ` Martin A. Brown
2002-11-21 0:04 ` Robert Felber
2002-11-21 0:09 ` Robert Felber
2002-11-21 0:27 ` Paco Brufal [this message]
2002-11-21 0:38 ` Paco Brufal
2002-11-21 3:37 ` Martin A. Brown
2002-11-21 8:27 ` Arthur van Leeuwen
2002-11-21 18:28 ` Paco Brufal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103783851915275@msgid-missing \
--to=pbrufal@mutoid.org \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.