Re: route question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 05/17/2010 07:49 AM, Jerry Geis wrote:
> Ok - I found out how to enable iptables logging.  I can see a connection
> from 98.X on port 25 going to .58 as desired.
> Then we can see that the return is going out eth2 - and - it should be
> going out eth1 based on postrouting.

No, it shouldn't.  You cannot accomplish what you are trying to do with 
only iptables.  Since we don't know what host is using 192.168.1.58, 
it's not even clear that you need iptables at all.

You must use route policies.  These are set up by the "ip route" and "ip 
rule" commands.

I posted an example of how to do multi-homing with shorewall a few days ago:
http://lists.centos.org/pipermail/centos/2010-May/094304.html

If you're not familiar with policy based routing, you should definitely 
be using something like shorewall that can take care of some of this for 
you.

This document can explain what's going on.
http://www.shorewall.net/MultiISP.html
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux