From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Jan Gerritsen"
Date: Thu, 04 Dec 2003 12:01:51 +0000
Subject: [LARTC] How to route and queue, based on iptables marked packets, at the same time?
Message-Id:
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
To: lartc@vger.kernel.org

Hi

I want to do some routing and queuing stuff, but I am not sure if this
will work.

I have 3 connections on my router:
- eth0 which points to my LAN
- eth1 which points to the Internet over a 2Mbit connection
- eth2/ppp0 which is a DSL connection and points to the Internet, too.

The reason for the two Internet connections is that the 2Mbit connection
is fast but expensive, I have to pay for the traffic. The DSL connection is
flat fee but slow, 384 k/bit up and 64 k/bit downstream.
Both connections do masquerading with their public IPs.

What I want to do is to route some services over the DSL connection, like
e-mail traffic. The default route should be the 2Mbit connection.

AFAIK I can't use ip rules to set up routing policies based on the TCP port,
so I want to mark the traffic with iptables, to set the routes.
My problem is that I currently use this to prioritise my traffic and to
order them into different HTB and SFQ queues.

I found this graphic in the LARTC HOWTO:

        +------------+           +---------+      +-------------+
Packet -| PREROUTING |- routing--| FORWARD |----+-| POSTROUTING |- Packets
input   +------------+  decision +---------+    | +-------------+  out
                           |                    |
                       +-------+                +--------+
                       | INPUT |-Local process -| OUTPUT |
                       +-------+                +--------+

My question is, can I mark the packets once in the FORWARD and OUTPUT chain
to influence the routing decision, and mark them again in the POSTROUTING
chain to influence the queuing? Where is the decision how to route?

My routing configuration:

# Routing table for the 2MBit interface
$IP route add "$EXT_2M_NET" dev "$EXT_2M_IF" src "$EXT_2M_IP" table "$EXT_2M_RT"
$IP route add default via "$EXT_2M_ROUTER" table "$EXT_2M_RT"
$IP route add "$EXT_2M_NET" dev "$EXT_2M_IF" src "$EXT_2M_IP"

# Routing table for the DSL interface
$IP route add "$EXT_DSL_NET" dev "$EXT_DSL_IF" src "$EXT_DSL_IP" table "$EXT_DSL_RT"
$IP route add default via "$EXT_DSL_ROUTER" table "$EXT_DSL_RT"
$IP route add "$EXT_DSL_NET" dev "$EXT_DSL_IF" src "$EXT_DSL_IP"

# Routing rules
$IP rule add from "$EXT_2M_IP" table "$EXT_2M_RT"
$IP rule add from "$EXT_DSL_IP" table "$EXT_DSL_RT"
$IP rule add fwmark 10 table "$EXT_2M_RT"
$IP rule add fwmark 20 table "$EXT_DSL_RT"

$IP route add "$INT_NET" dev "$INT_IF" table "$EXT_2M_RT"
$IP route add "$EXT_DSL_NET" dev "$EXT_DSL_IF" table "$EXT_2M_RT"
$IP route add 127.0.0.0/8 dev lo table "$EXT_2M_RT"

$IP route add "$INT_NET" dev "$INT_IF" table "$EXT_DSL_RT"
$IP route add "$EXT_2M_NET" dev "$EXT_2M_IF" table "$EXT_DSL_RT"
$IP route add 127.0.0.0/8 dev lo table "$EXT_DSL_RT"

$IP route add default via "$EXT_2M_IP"

thx,
Jan Gerritsen
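
Added example, not part of the message above: one way to mark twice, first in the mangle chains that are evaluated before the route lookup (so the `fwmark 20` rule in the posted configuration can match), then again in POSTROUTING for the queuing filter. The SMTP port, the queuing mark value 1 and an existing HTB root qdisc `1:` with class `1:10` on ppp0 are assumptions; the script only prints the commands unless `RUN` is set to an empty string.

```shell
#!/bin/sh
# Added example, not from the original post. Dry-run by default: every command
# is printed, not executed. Run as root with RUN="" to apply the rules.
RUN="${RUN-echo}"

INT_IF="eth0"    # LAN interface (from the post)
DSL_IF="ppp0"    # DSL interface (from the post)
MARK_DSL=20      # matches "ip rule add fwmark 20 table $EXT_DSL_RT" in the post
QMARK_MAIL=1     # assumed: mark value read by the tc fw filter
MAIL_PORT=25     # assumed: SMTP stands in for "e-mail traffic"

# Stage 1: routing marks.
# Forwarded packets are routed between PREROUTING and FORWARD, so a mark set in
# FORWARD arrives after the route has been chosen. Set it in mangle PREROUTING.
routing_marks() {
    $RUN iptables -t mangle -A PREROUTING -i "$INT_IF" -p tcp \
        --dport "$MAIL_PORT" -j MARK --set-mark "$MARK_DSL"
    # Locally generated packets: a mark change in mangle OUTPUT makes the
    # kernel repeat the route lookup with the new mark.
    $RUN iptables -t mangle -A OUTPUT -p tcp \
        --dport "$MAIL_PORT" -j MARK --set-mark "$MARK_DSL"
}

# Stage 2: queuing marks.
# The egress qdisc sees the packet after POSTROUTING, so the mark can be
# overwritten there without affecting the route that was already selected.
queue_marks() {
    $RUN iptables -t mangle -A POSTROUTING -o "$DSL_IF" -p tcp \
        --dport "$MAIL_PORT" -j MARK --set-mark "$QMARK_MAIL"
    # Assumed: HTB root qdisc 1: with class 1:10 already exists on $DSL_IF.
    $RUN tc filter add dev "$DSL_IF" parent 1: protocol ip prio 1 \
        handle "$QMARK_MAIL" fw flowid 1:10
}

routing_marks
queue_marks
```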