Damn :) The reason why I mark the packets in the Linux box is because the
router is a minimalistic kernel.. without mangle support :(
I'll try it and then put the notes in the mailing list if I succeed :)
Thanks anyway.

On Tue, 2002-11-12 at 16:19, Martin A. Brown wrote:
> : Ok..
> : I've done that without success.
> : Please watch that the routing is made in the router machine and the
> : marking is made in the Linux box before and because of that it doesn't
> : matter where I mark the packets.
>
> Ah, now I understand! But it does matter, tremendously.
>
> I didn't perceive in your previous post that you had two hosts. Perhaps I
> was being dense.
>
> The "fwmark" is a field on the packet which only exists in the data
> structure used to represent the packet on a single machine. In short, the
> fwmark does not survive a single machine. As soon as the packet is
> transmitted, the fwmark is lost.
>
> You could use the mangle table with the TOS target and then change your ip
> rule to route based on ToS. I'm unsure of the implications for your
> network, but this is a possible solution. If you modify the ToS on the
> packet, this will be visible to other hosts.
>
> Good luck,
>
> -Martin
>
> : Thanks anyway
> : Nuno Fernandes
> :
> : On Tue, 2002-11-12 at 15:51, Martin A. Brown wrote:
> : > Hello Nuno,
> : >
> : > I'd suggest s/POSTROUTING/PREROUTING/ here:
> : >
> : > : iptables -t mangle -A POSTROUTING -d SOME.IP.IN.INTERNET -j MARK
> : > : --set-mark 21
> : > :
> : > : In my ROUTER I want to redirect packets according to MARK and I'm doing:
> : > :
> : > : root@euroter(~)# more /etc/iproute2/rt_tables
> : > : 255 local
> : > : 254 main
> : > : 253 default
> : > : 200 over
> : >
> : > Consult Stef Coene's kernel packet traveling diagram, which should
> : > explain (visually) why you want to mark the packet before the routing
> : > stage.
> : >
> : > http://www.docum.org/stef.coene/qos/kptd/
> : >
> : > : root@euroter(~)# ip route ls table over
> : > : default via XXX.XXX.XXX.XXX dev eth1
> : > :
> : > : where XXX.XXX.XXX.XXX is the gateway of the provider 1.
> : > :
> : > : Doing ip rule ls, I can see that all packets with mark 21 go to table
> : > : over.
> : > : root@euroter(~)# ip rule ls
> : > : 0: from all lookup local
> : > : 32765: from all fwmark 21 lookup over
> : > : 32766: from all lookup main
> : > : 32767: from all lookup default
> : >
> : > Naturally, the RPDB (displayed with "ip rule show") is consulted as part
> : > of the routing process.
> : >
> : > So, in short, your host euroter is doing as follows:
> : >
> : > - routing the packet
> : > - marking the packet
> : > - transmitting via provider2
> : >
> : > : And table over only has default gw, but when I do a
> : > : ping XXX.XXX.XXX.XXX it goes through provider2 and not provider1.
> : >
> : > Good luck,
> : >
> : > -Martin
> :
--
Nuno Miguel Pais Fernandes <npf@eurotux.com>
Eurotux S.A.
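
The ToS-based alternative suggested in the thread, sketched for the two-host setup (Linux box marks, router routes). This is an added example and not part of the original messages; the ToS value 0x10, the destination address and the router's inside interface name are assumptions, and only the table name "over" comes from the thread.

```shell
#!/bin/sh
# Added example, not from the thread. Two hosts, as in the thread:
#   Linux box: sets the ToS byte, which is in the IP header and survives the wire
#   router:    needs no mangle support, only "ip rule" matching on tos
# Assumptions: ToS value 0x10, table "over" already holds its default route
# (as shown in the thread), interface and address are passed as arguments.

DRY_RUN="${DRY_RUN:-1}"   # 1 = print the commands, 0 = execute them (root)
TOS_VALUE="0x10"          # assumed value (Minimize-Delay); pick one unused on your net
TABLE="over"              # table name from the thread's rt_tables

run() {
    if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# On the Linux box: mark in the header instead of with fwmark.
# PREROUTING covers forwarded traffic, OUTPUT covers locally generated traffic.
linux_box_mark() {
    dest="$1"
    run iptables -t mangle -A PREROUTING -d "$dest" -j TOS --set-tos "$TOS_VALUE"
    run iptables -t mangle -A OUTPUT -d "$dest" -j TOS --set-tos "$TOS_VALUE"
}

# On the router: select the table by ToS. Any sender can set ToS, so the rule
# is limited to packets arriving on the interface that faces the Linux box.
router_rule() {
    inside_if="$1"
    run ip rule add iif "$inside_if" tos "$TOS_VALUE" lookup "$TABLE"
}

# Usage: script box DEST_IP | script router INSIDE_IF
case "${1:-}" in
    box)    linux_box_mark "$2" ;;
    router) router_rule "$2" ;;
esac
```

With DRY_RUN left at 1 the script only prints the commands, so the rules can be reviewed on each host before they are applied.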