From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Martin A. Brown" <mabrown-lartc@securepipe.com>
Date: Thu, 22 May 2003 15:25:27 +0000
Subject: Re: [LARTC] 2 router on one server web
Message-Id: <marc-lartc-105361721007184@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-105361408702941@msgid-missing>
In-Reply-To: <marc-lartc-105361408702941@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Hello Michele,

 : |194.243.12.15 (eth0)   SERVER WEB (eth1) 194.184.12.85 |
 :                                            adsl2
 :                                            194.184.12.81

So, you have a server with two ADSL connections.
                  +-----------------------------------+
194.243.12.1 -----| 194.243.12.15  SRV  194.184.12.85 |----- 194.184.12.81
             eth0 +-----------------------------------+ eth1


You are handling the inbound packets properly, but if you were to use
tcpdump on eth0, you'd see reply packets (to your ping) leaving on eth0
with a source address of 194.184.12.85.

This is not an uncommon thing to overlook when dealing with routing
systems--there is a path in to the box, and you have correctly identified
how to handle that, but you need to tell the box how to send the outbound
packet.

 : #for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 0 > $f; done

Yes, you need to do this!

 : #echo 1 > /proc/sys/net/ipv4/route/flush

This is equivalent to "ip route flush cache", and should be performed
after altering the routing tables or the RPDB.

 : #iptables -A PREROUTING -i eth1 -p -t mangle -j MARK --set-mark 1

 : and iproute:
 : #echo 201 ruteradsl2 >>/etc/iproute2/rt_tables
 : #ip rule add fwmark 1 table  routeradsl2
 : # ip rule ls
 : 0:      from all lookup local
 : 32765:  from all fwmark        1 lookup routeradsl2
 : 32766:  from all lookup main
 : 32767:  from all lookup default
 : # /sbin/ip route add default via 194.184.12.81 dev eth1 table routeradsl2

Try adding the following:

# ip rule add from 194.184.12.85 lookup routeradsl2

If you want to see another full example, please consult the section on
multiple Internet connections in the linux-ip.net documentation.

  http://linux-ip.net/html/adv-multi-internet.html

Good luck,

-Martin

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/