Differences

This shows you the differences between two versions of the page.

--- linux:routing [2007/04/01 10:52]
a Source routing (primoz pravi, da mu to deluje :) ) dvomim
+++ linux:routing [2009/05/25 00:35] (current)
@@ Line 2: / Line 2: @@
 tweak linux [[:linux:sysctl|sysctl]], see [[:linux:sysctl#linux as router|this]]
 ===== Source routing .. =====
@@ Line 17: / Line 20: @@
    ip rule add from x.x.x.2 table link1
    ip rule add from z.z.z.20 table link2
+to create rule that covers the whole interface (or even per port) and inbound traffic
+<note important>Be careful if you're using 26sec ipsec stack. The ipsec inbound interface is the same as physical one and you'll be having problems with ipsec routing table</note>
+  iptables -t mangle -I PREROUTING -i vlan501 -j MARK --set-mark 0x1
+  iptables -t mangle -I PREROUTING -i vla2510 -j MARK --set-mark 0x2
+  ip rule add fwmark 0x1 table table link1
+  ip rule add fwmark 0x2 table table link2
+===== same-alternative method =====
+  ip route add 87.224.167.g1 dev eth1 table ETH1
+  ip route add default via 87.224.167.g1 dev eth1 table ETH1
+  ip route add 212.49.121.g2 dev eth3 table ETH3
+  ip route add default via 212.49.121.g2 dev eth3 table ETH3
+   iptables -t mangle -A OUTPUT -m owner --uid-owner 108 -j MARK --set-mark 1
+   ip rule add fwmark 1 pri 100 table ETH3
+   iptables -t nat -A POSTROUTING -o eth3 -j SNAT --to-source= 212.49.121.g2
+   echo 0 > /proc/sys/net/ipv4/conf/eth3/rp_filter
+   ip rule add from 87.224.167.add1 pri 200 table ETH1
+   ip rule add from 212.49.121.addr2 pri 250 table ETH3