* [LARTC] policy routing
@ 2001-03-20 12:26 Gregory OSINAIKE
2001-03-24 21:33 ` bert hubert
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Gregory OSINAIKE @ 2001-03-20 12:26 UTC (permalink / raw)
To: lartc
Hello,
I'm trying to route packets based on 'mark' numbers i give to packets
according to their port number using iptables. I'm having real trouble
setting up routes based on this. I'm issuing the following commands
assuming i have marked packets of a certain type with a 1:
echo 201 first.table >> /etc/iproute2/rt_tables
ip rule add fwmark 1 table first.table
ip route add 30.0.0.0/8 dev eth0 table first.table
Basically its just like the exampls in the How To. I have to use Linux
kernel v-2.3.99-pre7, so am using iptables 1.0.0.
when i attempt to mark ICMP packets i get 'network unreachable' when i
ping another machine on our testbed which is not on the same subnet i.e
not 30.0.0.x
Can anyone help?
ThanKs!
Greg.
--
----------------------
Gregory OSINAIKE (ee9829@elec.qmw.ac.uk)
Electronic Engineering Department
Queen Mary and Westfield College
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: [LARTC] policy routing
2001-03-20 12:26 [LARTC] policy routing Gregory OSINAIKE
@ 2001-03-24 21:33 ` bert hubert
2001-12-06 19:13 ` Fabian Gervan
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: bert hubert @ 2001-03-24 21:33 UTC (permalink / raw)
To: lartc
On Tue, Mar 20, 2001 at 12:26:00PM +0000, Gregory OSINAIKE wrote:
> Hello,
>
> I'm trying to route packets based on 'mark' numbers i give to packets
> according to their port number using iptables. I'm having real trouble
> setting up routes based on this. I'm issuing the following commands
> assuming i have marked packets of a certain type with a 1:
>
>
> echo 201 first.table >> /etc/iproute2/rt_tables
>
> ip rule add fwmark 1 table first.table
>
> ip route add 30.0.0.0/8 dev eth0 table first.table
>
> Basically its just like the exampls in the How To. I have to use Linux
> kernel v-2.3.99-pre7, so am using iptables 1.0.0.
>
> when i attempt to mark ICMP packets i get 'network unreachable' when i
> ping another machine on our testbed which is not on the same subnet i.e
> not 30.0.0.x
You also need to define a default gateway for marked packets then, I think.
Regards,
bert
--
http://www.PowerDNS.com Versatile DNS Services
Trilab The Technology People
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 5+ messages in thread* [LARTC] policy routing
2001-03-20 12:26 [LARTC] policy routing Gregory OSINAIKE
2001-03-24 21:33 ` bert hubert
@ 2001-12-06 19:13 ` Fabian Gervan
2001-12-06 19:18 ` bert hubert
2002-08-07 13:16 ` Stefan Kaiser
3 siblings, 0 replies; 5+ messages in thread
From: Fabian Gervan @ 2001-12-06 19:13 UTC (permalink / raw)
To: lartc
Hello
I am newbie with iproute2.
I have redhat 6.2 with 2 default gateways:
[...]
$IP route add default nexthop via 200.47.43.254 dev eth1 weight 2 nexthop \
via 200.41.233.209 dev eth2 weight 1
now i want to force all outgoing connection to irc port (6667) use 200.47.43.254 as gw.
any idea?
--
Best regards,
Fabian mailto:fabian1@inter-k.com.ar
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [LARTC] policy routing
2001-03-20 12:26 [LARTC] policy routing Gregory OSINAIKE
2001-03-24 21:33 ` bert hubert
2001-12-06 19:13 ` Fabian Gervan
@ 2001-12-06 19:18 ` bert hubert
2002-08-07 13:16 ` Stefan Kaiser
3 siblings, 0 replies; 5+ messages in thread
From: bert hubert @ 2001-12-06 19:18 UTC (permalink / raw)
To: lartc
On Fri, Dec 07, 2001 at 04:19:28AM -0600, Fabian Gervan wrote:
> Hello
> I am newbie with iproute2.
> I have redhat 6.2 with 2 default gateways:
> [...]
> $IP route add default nexthop via 200.47.43.254 dev eth1 weight 2 nexthop \
> via 200.41.233.209 dev eth2 weight 1
>
> now i want to force all outgoing connection to irc port (6667) use 200.47.43.254 as gw.
fwmark all packets going to port 6667, and then use
'ip rule add fwmark 1 table 200'
and then:
'ip route add default via 200.47.43.254 dev eth1 table 200'
To mark, see
http://ds9a.nl/lartc/HOWTO//cvs/2.4routing/output/2.4routing-11.html
Good luck!
Regards,
bert
--
http://www.PowerDNS.com Versatile DNS Software & Services
Trilab The Technology People
Netherlabs BV / Rent-a-Nerd.nl - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 5+ messages in thread* [LARTC] policy routing
2001-03-20 12:26 [LARTC] policy routing Gregory OSINAIKE
` (2 preceding siblings ...)
2001-12-06 19:18 ` bert hubert
@ 2002-08-07 13:16 ` Stefan Kaiser
3 siblings, 0 replies; 5+ messages in thread
From: Stefan Kaiser @ 2002-08-07 13:16 UTC (permalink / raw)
To: lartc
Hello,
i am using suse-linux 8.0 and i am trying to get this to work:
eth0 = local network
ppp0 = dsl modem
ippp0= isdn-card
network traffic coming from eth0 and going to ppp0 by default
network traffic to dport25 is routed to ippp0 (dynamic-ip)
the traffic from eth0 to ppp0 is working
but the configuration for ippp0 is killing me :-(
marking the pakets:
# iptables -A PREROUTING -i eth0 -t mangle -p tcp --dport 25 \
-j MARK --set-mark 1
configuring the policy routing database:
# echo 201 mail.out >> /etc/iproute2/rt_tables
# ip rule add fwmark 1 table mail.out
# ip rule ls
0: from all lookup local
32764: from all fwmark 1 lookup mail.out
32766: from all lookup main
32767: from all lookup default
and at last the mail.out table with the route to ippp0, but that´s my
problem: (i think)
# ip route add default dev ippp0 table mail.out
when i am now sending a mail (port25) ippp0 is dialing, but then the
route
is deleted, so i set the route again manual with the above command, but
the mail is not delivered
i have tryed to route the pakets back to my local net to the external
isdn-router:
# ip route add default via 192.168.21.10 dev eth0 table mail.out
this is working!!!
where do i fail?
when i try to set "default route" in the isdn configuration my default
route to the dsl
connection is deleted
I hope somebody can help me
regards,
stefan
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2002-08-07 13:16 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2001-03-20 12:26 [LARTC] policy routing Gregory OSINAIKE
2001-03-24 21:33 ` bert hubert
2001-12-06 19:13 ` Fabian Gervan
2001-12-06 19:18 ` bert hubert
2002-08-07 13:16 ` Stefan Kaiser
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox