Howto setup one machine for specific ip pipe?

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: sean darcy <seandarcy2@gmail.com>
To: netfilter@vger.kernel.org
Subject: Howto setup one machine for specific ip pipe?
Date: Fri, 27 Feb 2009 19:01:34 -0500	[thread overview]
Message-ID: <go9usv$db0$1@ger.gmane.org> (raw)

I have an asterisk voip server in the local network. I have two outgoing 
connections, a large verizon pipe, and small, low latency pipe from 
broadview. I'd like traffic generally to use the verizon pipe, but 
traffic from the voip server should use the low latency broadview pipe.

I've set up table 128:

## eth0 is static to broadview
ETH0_IP_GATEWAY=xx.yy.zz.ww
ETH0_IP_ADDR=xxx.yy.zz.ww1
ip rule delete from $ETH0_IP_ADDR/32 table 128 priority 128
ip rule add    from $ETH0_IP_ADDR/32 table 128 priority 128
## this is the route through broadview gateway ip
ip route add default via $ETH0_IP_GATEWAY table 128

ip rule add    fwmark 0x1 table 128 prio 126

ip rule add    fwmark 0x2 table 128 prio 127

and then set-mark 0x1 to all packets from the voip server:

$IPT -t mangle -A PREROUTING -i eth1 \
   -s $AST_IP_ADDR -j MARK --set-mark 0x1

But the asterisk server can't access the internet. I assume the problem 
is that iptable server isn't NAT'ing the voip server. That is, it routes 
the packet out through the broadview pipe, but doesn't send any of the 
responses back to the asterisk server.

Any help appreciated.

sean

next             reply	other threads:[~2009-02-28  0:01 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-02-28  0:01 sean darcy [this message]
2009-02-28  0:07 ` Howto setup one machine for specific ip pipe? Brian Austin - Standard Universal
2009-02-28  0:27   ` sean darcy
2009-02-28  1:42     ` sean darcy

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='go9usv$db0$1@ger.gmane.org' \
    --to=seandarcy2@gmail.com \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox