
This shows you the differences between two versions of the page.

Link to this comparison view

linux:routing [2008/09/15 01:52]
linux:routing [2009/05/25 00:35]
Line 1: Line 1:
-====== Linux routing tips ====== 
-tweak linux [[:linux:sysctl|sysctl]], see [[:linux:sysctl#linux as router|this]] 
-===== Source routing .. ===== 
-   ip route add x.x.x.x/26 dev vlan501 src x.x.x.2 table link1 
-   ip route add default via x.x.x.1 table link1 
-   ip route add z.z.z.0/25 dev vlan2510 src z.z.z.20 table link2 
-   ip route add default via z.z.z.z.1 table link2 
-   ip route add x.x.x.0/26 dev vlan501 src x.x.x.2 
-   ip route add z.z.z.0/25 dev vlan2510 src z.z.z.20 
-   ip route add default via x.x.x.x.1 
-   ip rule add from x.x.x.2 table link1 
-   ip rule add from z.z.z.20 table link2 
-to create rule that covers the whole interface (or even per port) and inbound traffic 
-<note important>Be careful if you're using 26sec ipsec stack. The ipsec inbound interface is the same as physical one and you'll be having problems with ipsec routing table</note> 
-  iptables -t mangle -I PREROUTING -i vlan501 -j MARK --set-mark 0x1 
-  iptables -t mangle -I PREROUTING -i vla2510 -j MARK --set-mark 0x2 
-  ip rule add fwmark 0x1 table table link1 
-  ip rule add fwmark 0x2 table table link2 
-===== same-alternative method ===== 
-  ip route add 87.224.167.g1 dev eth1 table ETH1 
-  ip route add default via 87.224.167.g1 dev eth1 table ETH1 
-  ip route add 212.49.121.g2 dev eth3 table ETH3 
-  ip route add default via 212.49.121.g2 dev eth3 table ETH3 
-   iptables -t mangle -A OUTPUT -m owner --uid-owner 108 -j MARK --set-mark 1 
-   ip rule add fwmark 1 pri 100 table ETH3 
-   iptables -t nat -A POSTROUTING -o eth3 -j SNAT --to-source= 212.49.121.g2 
-   echo 0 > /proc/sys/net/ipv4/conf/eth3/rp_filter 
-   ip rule add from 87.224.167.add1 pri 200 table ETH1 
-   ip rule add from 212.49.121.addr2 pri 250 table ETH3 
linux/routing.txt ยท Last modified: 2009/05/25 00:35 (external edit)
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready