Differences

This shows you the differences between two versions of the page.

--- linux:routing [2006/10/25 23:02]
a created
+++ linux:routing [2009/05/25 00:35] (current)
@@ Line 1: / Line 1: @@
 ====== Linux routing tips ======
+tweak linux [[:linux:sysctl|sysctl]], see [[:linux:sysctl#linux as router|this]]
+===== Source routing .. =====
+   ip route add x.x.x.x/26 dev vlan501 src x.x.x.2 table link1
+   ip route add default via x.x.x.1 table link1
+   ip route add z.z.z.0/25 dev vlan2510 src z.z.z.20 table link2
+   ip route add default via z.z.z.z.1 table link2
+   ip route add x.x.x.0/26 dev vlan501 src x.x.x.2
+   ip route add z.z.z.0/25 dev vlan2510 src z.z.z.20
+   ip route add default via x.x.x.x.1
+   ip rule add from x.x.x.2 table link1
+   ip rule add from z.z.z.20 table link2
+to create rule that covers the whole interface (or even per port) and inbound traffic
+<note important>Be careful if you're using 26sec ipsec stack. The ipsec inbound interface is the same as physical one and you'll be having problems with ipsec routing table</note>
+  iptables -t mangle -I PREROUTING -i vlan501 -j MARK --set-mark 0x1
+  iptables -t mangle -I PREROUTING -i vla2510 -j MARK --set-mark 0x2
+  ip rule add fwmark 0x1 table table link1
+  ip rule add fwmark 0x2 table table link2
+===== same-alternative method =====
+  ip route add 87.224.167.g1 dev eth1 table ETH1
+  ip route add default via 87.224.167.g1 dev eth1 table ETH1
+  ip route add 212.49.121.g2 dev eth3 table ETH3
+  ip route add default via 212.49.121.g2 dev eth3 table ETH3
+   iptables -t mangle -A OUTPUT -m owner --uid-owner 108 -j MARK --set-mark 1
+   ip rule add fwmark 1 pri 100 table ETH3
+   iptables -t nat -A POSTROUTING -o eth3 -j SNAT --to-source= 212.49.121.g2
+   echo 0 > /proc/sys/net/ipv4/conf/eth3/rp_filter
+   ip rule add from 87.224.167.add1 pri 200 table ETH1
+   ip rule add from 212.49.121.addr2 pri 250 table ETH3