Hi, supposing I can ask questions about iproute2, here goes... because our internet connection gets accounted heavily, we thought of adding an outside interface to our router, thereby requesting another ip address, and ultimatly being able to split out our outbound traffic. this works by roughly following the lartc HOWTO. The only difference is we have to use the same gateway twice. Although twice the same ip address, it has two different arp addresses for each interface. so the main ip route shows: INTERNALNET dev eth1 proto kernel scope link src INTERNALIP OUTSIDENET dev eth0 proto kernel scope link src OUTIP1 127.0.0.0/8 dev lo scope link default via GATEWAY dev eth0 the testing ip route shows: INTERNALNET dev eth1 proto kernel scope link src INTERNALIP OUTSIDENET dev eth2 proto kernel scope link src OUTIP2 127.0.0.0/8 dev lo scope link default via GATEWAY dev eth2 some ip adresses are added to the table testing statically. now, finally, the problems. OUTIP2 cannot be pinged from outside. That is to say, the icmp request packets arrive at the router (eth2), but no reply gets sent, by any interface. This is annoying (because every non-pingeable address gets logged out by the ISP, but doesn't lose the address itself) but no real problem, that's what login scripts are for. The second problem is worse: after 'some' time, ip route of table testing loses its OUTSIDENET and 'default via' rules. I haven't been able so far to notice the trigger of this, but it's very annoying because I can't tell when my routing tables get f*ck*d up exactly. any comments ? PS: Yes Stef, it's still 'masquerading at the dorm' ;-) (inside joke) -- Tim Coninx -*- KULeuven Department of Computer Science http://www.cs.kuleuven.ac.be/cwis/research/distrinet/public/index.php gpgkey @ http://www.cs.kuleuven.ac.be/~tim/ 665.9238429876 - Number of the Pentium Beast
Attachment:
pgp00121.pgp
Description: PGP signature
