From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Ian! D. Allen"
Date: Sat, 01 Nov 2003 15:50:31 +0000
Subject: [LARTC] routing for split multiple uplinks/providers with port forwarding
Message-Id:
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

The fine document:

    http://lartc.org/howto/lartc.rpdb.multiple-links.html

works nicely to make sure that answers to packets incoming to the Linux
router from a particular provider go back out again over the same
provider.

It doesn't work as given for connections that are port forwarded from
the Linux router to machines inside the local network (e.g. to a web
server).

With port forwarding in the mix, packets arriving from the Internet to
a particular port on the Linux router have DNAT applied so that they
pass transparently on to the internal web server; but, the answer
packets from the web server arrive back at the Linux router and do not
necessarily go out by the same gateway/provider by which they came in.

I suspect the fix is somehow to mark the port forwarded packets with a
flag indicating on which interface they arrived at the Linux router,
and then preserve this flag into the answer packets on the web server.
On the Linux router I can then make sure that appropriately flagged
answer packets go out the correct interface.

Am I on the right track here?

-- 
-IAN!

Ian! D. Allen    Ottawa, Ontario, Canada
EMail: idallen@idallen.ca    WWW: http://www.idallen.com/
College professor via: http://teaching.idallen.com/
Board Member, TeleCommunities CANADA    http://www.tc.ca/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
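The marking idea from the post, sketched for the router alone with netfilter connection marks: this is an added example, not part of the original message, and it swaps the flag carried through the web server for a mark stored in the router's connection-tracking entry. The interface names eth0/eth1/eth2, the mark values 1/2 and the tables T1/T2 are assumptions, and the script only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example: dry-run generator, prints the commands instead of running them.
# Assumed names (not from the post): eth1/eth2 are the two uplinks, eth0 is the
# LAN side, marks 1/2 identify the uplinks, and routing tables T1/T2 already
# hold each provider's default route.

# emit_uplink IFACE MARK TABLE
# Prints the two rules that tie one uplink to one connection mark.
emit_uplink() {
    iface=$1 mark=$2 table=$3
    # A new connection arriving on this uplink has the uplink's mark stored in
    # its conntrack entry. mangle PREROUTING runs before the nat DNAT rule, so
    # port-forwarded connections are marked as well.
    echo "iptables -t mangle -A PREROUTING -i $iface -m conntrack --ctstate NEW -j CONNMARK --set-mark $mark"
    # Packets carrying this mark are routed with the provider's own table.
    echo "ip rule add fwmark $mark table $table"
}

# emit_restore LAN_IFACE
# Prints the rule that copies the saved connection mark onto reply packets
# coming back from the internal server, so the fwmark rules above match them.
emit_restore() {
    echo "iptables -t mangle -A PREROUTING -i $1 -j CONNMARK --restore-mark"
}

# emit_all: the complete rule set for the assumed two-uplink layout.
emit_all() {
    emit_uplink eth1 1 T1
    emit_uplink eth2 2 T2
    emit_restore eth0
}

emit_all
```

Replies from the web server belong to the same tracked connection as the forwarded request, so the restored mark selects the uplink the request arrived on without any change on the server.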