Linux routing tips
- Source routing ..
- same-alternative method

Linux routing tips

tweak linux sysctl, see this

Source routing ..

 ip route add x.x.x.x/26 dev vlan501 src x.x.x.2 table link1
 ip route add default via x.x.x.1 table link1
 ip route add z.z.z.0/25 dev vlan2510 src z.z.z.20 table link2
 ip route add default via z.z.z.z.1 table link2
 
 ip route add x.x.x.0/26 dev vlan501 src x.x.x.2
 ip route add z.z.z.0/25 dev vlan2510 src z.z.z.20
 
 ip route add default via x.x.x.x.1
 
 ip rule add from x.x.x.2 table link1
 ip rule add from z.z.z.20 table link2

to create rule that covers the whole interface (or even per port) and inbound traffic

Be careful if you're using 26sec ipsec stack. The ipsec inbound interface is the same as physical one and you'll be having problems with ipsec routing table

iptables -t mangle -I PREROUTING -i vlan501 -j MARK --set-mark 0x1
iptables -t mangle -I PREROUTING -i vla2510 -j MARK --set-mark 0x2
ip rule add fwmark 0x1 table table link1
ip rule add fwmark 0x2 table table link2

same-alternative method

ip route add 87.224.167.g1 dev eth1 table ETH1
ip route add default via 87.224.167.g1 dev eth1 table ETH1
ip route add 212.49.121.g2 dev eth3 table ETH3
ip route add default via 212.49.121.g2 dev eth3 table ETH3

 iptables -t mangle -A OUTPUT -m owner --uid-owner 108 -j MARK --set-mark 1
 
 ip rule add fwmark 1 pri 100 table ETH3
 
 iptables -t nat -A POSTROUTING -o eth3 -j SNAT --to-source= 212.49.121.g2
 
 echo 0 > /proc/sys/net/ipv4/conf/eth3/rp_filter
 
 ip rule add from 87.224.167.add1 pri 200 table ETH1
 ip rule add from 212.49.121.addr2 pri 250 table ETH3

Table of Contents

Linux routing tips

Source routing ..

same-alternative method