Linux routing tips
Source routing
# link1 and link2 must be named in /etc/iproute2/rt_tables
# per-uplink tables: connected network plus a default route each
ip route add x.x.x.0/26 dev vlan501 src x.x.x.2 table link1
ip route add default via x.x.x.1 table link1
ip route add z.z.z.0/25 dev vlan2510 src z.z.z.20 table link2
ip route add default via z.z.z.1 table link2
# main table
ip route add x.x.x.0/26 dev vlan501 src x.x.x.2
ip route add z.z.z.0/25 dev vlan2510 src z.z.z.20
ip route add default via x.x.x.1
# pick the table by source address
ip rule add from x.x.x.2 table link1
ip rule add from z.z.z.20 table link2
To create a rule that covers the whole interface (or even a single port) and inbound traffic, mark packets as they arrive and route on the mark.
Be careful if you're using the 26sec IPsec stack: the IPsec inbound interface is the same as the physical one, so you'll have problems with the IPsec routing table.
# mark everything arriving on each uplink
iptables -t mangle -I PREROUTING -i vlan501 -j MARK --set-mark 0x1
iptables -t mangle -I PREROUTING -i vlan2510 -j MARK --set-mark 0x2
# route marked packets through the matching table
ip rule add fwmark 0x1 table link1
ip rule add fwmark 0x2 table link2
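Alternative method for the same setup:
# per-uplink tables: gateway host route plus default
ip route add 87.224.167.g1 dev eth1 table ETH1
ip route add default via 87.224.167.g1 dev eth1 table ETH1
ip route add 212.49.121.g2 dev eth3 table ETH3
ip route add default via 212.49.121.g2 dev eth3 table ETH3
# send locally generated traffic of UID 108 out via eth3
iptables -t mangle -A OUTPUT -m owner --uid-owner 108 -j MARK --set-mark 1
ip rule add fwmark 1 pri 100 table ETH3
iptables -t nat -A POSTROUTING -o eth3 -j SNAT --to-source 212.49.121.g2
# turn off reverse-path filtering on eth3 (the kernel uses the higher of
# conf/all/rp_filter and conf/eth3/rp_filter, so check both)
echo 0 > /proc/sys/net/ipv4/conf/eth3/rp_filter
# pick the table by source address
ip rule add from 87.224.167.add1 pri 200 table ETH1
ip rule add from 212.49.121.addr2 pri 250 table ETH3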
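An added check (not from the original page) for the link1/link2 setup above: a rule whose table has no default route falls through to the later rules and main, so that traffic leaves via the other uplink. The sample `ip rule show` and `ip route show table all` output is constructed, with documentation addresses standing in for the masked ones, and `tables_missing_default` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: list tables that a rule points at but that lack a default route.
# Sample data is constructed; on a live host pass
#   "$(ip rule show)" and "$(ip route show table all)" instead.

RULES_SAMPLE='0: from all lookup local
32764: from all fwmark 0x2 lookup link2
32765: from 192.0.2.2 lookup link1
32766: from all lookup main
32767: from all lookup default'

# link2 deliberately has no default route here
ROUTES_SAMPLE='default via 192.0.2.1 dev vlan501 table link1
192.0.2.0/26 dev vlan501 table link1 scope link src 192.0.2.2
198.51.100.0/25 dev vlan2510 table link2 scope link src 198.51.100.20
default via 192.0.2.1 dev vlan501
local 192.0.2.2 dev vlan501 table local proto kernel scope host src 192.0.2.2'

# Print each custom table referenced by a rule that has no default route.
tables_missing_default() {
    rules=$1 routes=$2
    printf '%s\n' "$rules" |
    awk '{ for (i = 1; i < NF; i++) if ($i == "lookup") print $(i + 1) }' |
    grep -v -x -e local -e main -e default | sort -u |
    while read -r tbl; do
        # awk exits 0 only if a "default ... table <tbl>" route exists
        printf '%s\n' "$routes" |
        awk -v t="$tbl" '
            $1 == "default" { for (i = 2; i < NF; i++)
                                  if ($i == "table" && $(i + 1) == t) found = 1 }
            END { exit !found }' || printf '%s\n' "$tbl"
    done
}

tables_missing_default "$RULES_SAMPLE" "$ROUTES_SAMPLE"
```
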