From: "xchris" <lyra@fastwebnet.it>
To: lartc@vger.kernel.org
Subject: [LARTC] Default route - Please Help
Date: Thu, 01 May 2003 15:33:07 +0000
Message-ID: <marc-lartc-105180332019719@msgid-missing>

I've read the howto but I still can't make things go the right way.
My box has 4 NICs:
2 Internet connections: eth0, eth1
1 DMZ: eth2
1 LAN: eth3
I would like to NAT the internal LAN with one of the 2 ISPs.
For my tests I created a script to switch the entire LAN from one to the
other (I know it's redundant ... del ... add).
The problem is that NAT is done only if I set the default gateway (in the
main table).
I have set the 2 default gateways in the other 2 tables but it seems not to
consider them.
If I set the default gateway to ISP1 and set the NAT rules to go with ISP2 it
doesn't work!!!
Why???
My future plan is to let some clients go with ISP1 and others with ISP2.
Please help!!!
Any hint appreciated!!
Here is my (long) config.
Bye
xchris

eth0      Link encap:Ethernet  HWaddr 00:04:76:25:07:D9
          inet addr:192.168.1.237  Bcast:192.168.1.255  Mask:255.255.255.0
eth1      Link encap:Ethernet  HWaddr 00:04:76:25:07:3D
          inet addr:192.168.3.1  Bcast:192.168.3.255  Mask:255.255.255.0
eth2      Link encap:Ethernet  HWaddr 00:04:76:25:07:67
          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
eth3      Link encap:Ethernet  HWaddr 00:04:76:25:07:73
          inet addr:192.168.0.238  Bcast:192.168.0.255  Mask:255.255.255.0
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0

Here is my script (just basic, to test routing; there's no firewall at
all).
It's made to act this way:
script 1 --> all LAN goes with ISP 1
script 2 --> all LAN goes with ISP 2

# Enable forwarding and drop the current default route
echo 1 > /proc/sys/net/ipv4/ip_forward
route del default

# Interfaces, addresses, gateways and networks
IF3=eth3
IF1=eth0
IF2=eth1
IP1=192.168.1.237
IP2=192.168.3.1
IP3=192.168.0.238
GW1=192.168.1.238
GW2=192.168.3.254
P1_NET=192.168.1.0/24
P2_NET=192.168.3.0/24
P3_NET=192.168.0.0/24

echo "1 - Creating two additional routing tables"
echo
ip route del $P1_NET dev $IF1 src $IP1 table telecom
ip route add $P1_NET dev $IF1 src $IP1 table telecom
echo 1
ip route del default via $GW1 table telecom
ip route add default via $GW1 table telecom
echo 2
ip route del $P2_NET dev $IF2 src $IP2 table fastweb
ip route add $P2_NET dev $IF2 src $IP2 table fastweb
echo 3
ip route del default via $GW2 table fastweb
ip route add default via $GW2 table fastweb

echo "2 - Setting Main routing tables"
echo
ip route del $P1_NET dev $IF1 src $IP1
ip route del $P2_NET dev $IF2 src $IP2
ip route add $P1_NET dev $IF1 src $IP1
ip route add $P2_NET dev $IF2 src $IP2
ip route add default via $GW2

echo "3 - Setting answers from corresponing IPs"
echo
# Rules select a table by the router's own source address only
ip rule del from $IP1 table telecom
ip rule del from $IP2 table fastweb
ip rule add from $IP1 table telecom
ip rule add from $IP2 table fastweb
ip route add $P3_NET dev $IF3 table telecom
ip route add $P2_NET dev $IF2 table telecom
ip route add 127.0.0.0/8 dev lo table telecom
ip route add $P3_NET dev $IF3 table fastweb
ip route add $P1_NET dev $IF1 table fastweb
ip route add 127.0.0.0/8 dev lo table fastweb

# Argument 2 -> SNAT the LAN to ISP 2, anything else -> ISP 1
if test "${1:-1}" -eq 2
then
    iptables -t nat -F
    iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source $IP2
else
    iptables -t nat -F
    iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source $IP1
fi

My /etc/iproute2/rt_tables:
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
1 telecom
2 fastweb
ip rule
0: from all lookup local
32764: from 192.168.3.1 lookup fastweb
32765: from 192.168.1.237 lookup telecom
32766: from all lookup main
32767: from all lookup default
ip route
192.168.3.0/24 dev eth1 scope link src 192.168.3.1
192.168.2.0/24 dev eth2 proto kernel scope link src 192.168.2.1
192.168.1.0/24 dev eth0 scope link src 192.168.1.237
192.168.0.0/24 dev eth3 proto kernel scope link src 192.168.0.238
default via 192.168.3.254 dev eth1
ip route table telecom
192.168.3.0/24 dev eth1 scope link
192.168.1.0/24 dev eth0 scope link src 192.168.1.237
192.168.0.0/24 dev eth3 scope link
127.0.0.0/8 dev lo scope link
default via 192.168.1.238 dev eth0
ip route table fastweb
192.168.3.0/24 dev eth1 scope link src 192.168.3.1
192.168.1.0/24 dev eth0 scope link
192.168.0.0/24 dev eth3 scope link
127.0.0.0/8 dev lo scope link
default via 192.168.3.254 dev eth1
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
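
Added example, not part of xchris's message: a constructed shell model of the "ip rule" lookup, using the rules and default gateways shown in the post. The routing decision for a forwarded packet is taken before POSTROUTING SNAT rewrites its source, so a LAN host is still 192.168.0.x when the rules are consulted. The priority 32000, the host address 192.168.0.10 and the function names are assumptions for illustration.

```sh
#!/bin/sh
# Constructed model of the rule lookup; rules and gateways copied from the post.
# Assumption: the destination is an Internet host, so table "local" never
# matches and the first rule whose selector matches wins (every table listed
# here has a default route).
RULES='32764 192.168.3.1 fastweb
32765 192.168.1.237 telecom
32766 all main'

gw_of() {   # default gateway of each table, from the post's "ip route" output
    case $1 in
        telecom)      echo 192.168.1.238 ;;
        fastweb|main) echo 192.168.3.254 ;;
    esac
}

ip2int() {  # dotted quad -> integer (always called inside $(...), a subshell)
    IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

src_matches() {  # $1 = packet source, $2 = "all", a host, or net/len
    if [ "$2" = all ]; then return 0; fi
    net=${2%/*}; len=32
    case $2 in */*) len=${2#*/} ;; esac
    drop=$(( 32 - len ))
    [ $(( $(ip2int "$1") >> drop )) -eq $(( $(ip2int "$net") >> drop )) ]
}

# Gateway used for a packet with source $1; $2 holds optional extra rules
# ("priority selector table", one per line) merged in by priority.
egress_gw() {
    printf '%s\n%s\n' "$RULES" "$2" | sort -n | while read -r prio sel table; do
        if [ -n "$prio" ] && src_matches "$1" "$sel"; then
            gw_of "$table"
            break
        fi
    done
}

# LAN host before SNAT: no rule matches 192.168.0.x, so "main" decides.
egress_gw 192.168.0.10 ""
# With a rule keyed on the LAN source, table telecom is consulted first.
egress_gw 192.168.0.10 "32000 192.168.0.0/24 telecom"
```

On a live router, "ip route get 198.51.100.1 from 192.168.0.10 iif eth3" (destination constructed) answers the same question against the real tables.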