[LARTC] Double gateway - aliased ip routing

Linux Advanced Routing and Traffic Control


Hi,
I've got a local network with several workstations attached through a
firewall to the internet by two types of connections: one is called
ADSL, which is cheaper but has lower bandwidth. The other is called T3,
faster but more expensive.
I want to enable each workstation on the localnet to choose its
connection by setting its default gateway to one of the firewall's IPs
on eth0: 192.168.10.8 for ADSL and 192.168.10.9 for T3. Additionally, each
workstation, regardless of its gateway IP, should be able to access the DMZ.
The topology of the net would be something like this:

                       INTERNET
         =======================================
               |                       |
               |                       |
             DynIP                212.x.x.195
         /------------\        /---------------\
         | DSL-ROUTER |        |   T3-ROUTER   |
         \------------/        \---------------/
          192.168.11.1             62.x.x.89
         192.168.11.0/24          62.x.x.88/29
               |                       |
               |                       |
          192.168.11.8             62.x.x7.90
         192.168.11.0/24          62.x.x.88/29
             eth3                    eth1   w/ ProxyARP
                   /---------------\     
                   |   FIREWALL    |        
                   \---------------/ 
      eth0:1         eth0             eth2  w/ ProxyARP
  192.168.10.8   192.168.10.9      62.x.x.90  
        192.168.10.0/24           62.x.x.88/29
               |                                 \
               |                                  \
  ===========================                    eth0  
           LOCALNET                            62.x.x.93  
                                              62.x.x.88/29
                                                /-----\
                                                | DMZ |
                                                \-----/

My problem is how to route the packets from the localnet to either ADSL
or T3, depending on whether they were received by the IP 192.168.10.8 or
192.168.10.9.
I tried to mark the packets in the postrouting chain of iptables and
send them to different routing tables, but iptables can't handle aliased
interfaces like eth0:1 as source devices.
The next step was to set up routing depending on incoming interfaces, but
there was no effect on the actual routing.

My current configurations are:

# ip rule ls
0:      from all lookup local 
32765:  from all iif eth0:1 lookup ADSL 
32766:  from all lookup main 
32767:  from all lookup default 

# ip route show
62.x.x.89 dev eth1  scope link 
62.x.x.88/29 dev eth2  scope link 
192.168.11.0/24 dev eth3  proto kernel  scope link  src 192.168.11.8 
192.168.10.0/24 dev eth0  proto kernel  scope link  src 192.168.10.9 
default via 62.x.x.89 dev eth1 

# ip route show table ADSL
62.153.117.88/29 dev eth2  scope link 
default via 192.168.11.92 dev eth3 

Does anyone have ideas for solving the problem?
Thanks,

oli
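
Added example, not part of the original post: eth0:1 is an address label on eth0 rather than a separate device, so forwarded packets are always reported as arriving on eth0 and the posted `iif eth0:1` rule is never selected. The sketch parses the quoted `ip rule ls` output and walks the rules in priority order; the workstation address 192.168.10.50 and the source-based rule are constructed for contrast.

```python
import ipaddress

# Output of `ip rule ls` as quoted in the post.
POSTED_RULES = """\
0:      from all lookup local
32765:  from all iif eth0:1 lookup ADSL
32766:  from all lookup main
32767:  from all lookup default
"""

# Constructed contrast: select the table by source address instead of iif.
SOURCE_RULES = POSTED_RULES.replace("from all iif eth0:1", "from 192.168.10.50")


def parse_rules(text):
    """Parse `ip rule ls` lines into dicts with prio, from, iif and table."""
    rules = []
    for line in text.splitlines():
        if not line.strip():
            continue
        prio, rest = line.split(":", 1)  # only the first ':' ends the priority
        words = rest.split()
        rule = {"prio": int(prio), "from": "all", "iif": None, "table": None}
        # Selectors and the action are keyword/value pairs.
        for key, value in zip(words[0::2], words[1::2]):
            rule["table" if key == "lookup" else key] = value
        rules.append(rule)
    return sorted(rules, key=lambda r: r["prio"])


def tables_consulted(rules, src, iif):
    """Tables tried, in order, for a packet from `src` received on device `iif`."""
    hit = []
    for r in rules:
        if r["from"] != "all" and \
                ipaddress.ip_address(src) not in ipaddress.ip_network(r["from"]):
            continue
        if r["iif"] is not None and r["iif"] != iif:
            continue  # the receiving device is eth0, never the label eth0:1
        hit.append(r["table"])
    return hit


def alias_selectors(rules):
    """Priorities of rules whose iif is an alias label (contains ':')."""
    return [r["prio"] for r in rules if r["iif"] and ":" in r["iif"]]


if __name__ == "__main__":
    posted = parse_rules(POSTED_RULES)
    print("alias-label rules:", alias_selectors(posted))
    print("posted rules:", tables_consulted(posted, "192.168.10.50", "eth0"))
    print("source rule: ", tables_consulted(parse_rules(SOURCE_RULES), "192.168.10.50", "eth0"))
```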

