Re: [LARTC] (no subject)

Linux Advanced Routing and Traffic Control


 



Larry,

 : 192.168.100.0/24  LAN1---eth1 LINUX eth0------ISP1
 :                             |       |
 : 192.168.200.0/24  LAN2---eth3       eth2------ISP2
 :
 : eth0 192.168.10.2
 : eth2 192.168.20.2
 :
 : Is this enough if I want all traffic from LAN1 to go to ISP1 & LAN2 to ISP2?
 : Or do I have to do packet marking? Problems with SNAT?

Yes, indeed.

 : echo 100 LAN1 >> /etc/iproute2/rt_tables
 : ip rule add from 192.168.100.0/24 table LAN1
 : ip route add default via 192.168.10.2 dev eth0 table LAN1
 :
 : echo 200 LAN2 >> /etc/iproute2/rt_tables
 : ip rule add from 192.168.200.0/24 table LAN2
 : ip route add default via 192.168.20.2 dev eth0 table LAN2
 : ip route flush cache

I think you meant to add the following default route:

  ip route add default via 192.168.20.2 dev eth2 table LAN2

Right?

 : # SNAT LANs 1 & 2
 : iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 192.168.10.2
 : iptables -t nat -A POSTROUTING -o eth2 -j SNAT --to-source 192.168.20.2
 : iptables -A FORWARD -i eth1 -j ACCEPT
 : iptables -A FORWARD -i eth3 -j ACCEPT
 :
 : echo 1 > /proc/sys/net/ipv4/ip_forward

Looks like it should work just fine.

-Martin

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx
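
Added example, not part of the original message: a small Python check for the device mismatch corrected above. It parses the posted commands and flags any default route whose `dev` is not the interface on the gateway's subnet, plus any `ip rule` table left without a default route. The /24 prefix lengths on eth0 and eth2 and all function names are assumptions; the thread gives only the host addresses.

```python
import ipaddress
import shlex

# Interface addresses from the thread; the /24 prefix lengths are an assumption.
INTERFACES = {
    "eth0": ipaddress.ip_interface("192.168.10.2/24"),
    "eth2": ipaddress.ip_interface("192.168.20.2/24"),
}

# The policy-routing commands as originally posted (before the correction).
POSTED = """\
ip rule add from 192.168.100.0/24 table LAN1
ip route add default via 192.168.10.2 dev eth0 table LAN1
ip rule add from 192.168.200.0/24 table LAN2
ip route add default via 192.168.20.2 dev eth0 table LAN2
"""

def parse(script):
    """Return (rules, routes): rules maps table -> source prefix,
    routes maps table -> (gateway, dev) for 'ip route add default' lines."""
    rules, routes = {}, {}
    for line in script.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:3] == ["ip", "rule", "add"]:
            opts = dict(zip(tok[3::2], tok[4::2]))
            rules[opts["table"]] = opts["from"]
        elif tok[:4] == ["ip", "route", "add", "default"]:
            opts = dict(zip(tok[4::2], tok[5::2]))
            gateway = ipaddress.ip_address(opts["via"])
            routes[opts.get("table", "main")] = (gateway, opts.get("dev"))
    return rules, routes

def check(script, interfaces=INTERFACES):
    """List problems: a route's dev not on the gateway's subnet, or a rule
    pointing at a table that never receives a default route."""
    rules, routes = parse(script)
    findings = []
    for table, (gateway, dev) in routes.items():
        owners = [n for n, i in interfaces.items() if gateway in i.network]
        if dev not in owners:
            findings.append(("wrong-dev", table, dev, owners))
    for table, src in rules.items():
        if table not in routes:
            findings.append(("no-default-route", table, src))
    return findings

if __name__ == "__main__":
    for finding in check(POSTED):
        print(finding)
```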


