Hi list, I have exactly the same problem and I can't manage with doing my network work. In fact, the NAT postrouting is done *after* the routing. Consequently, tables fastweb and telecom are never looked. I am very interesed by a solution. My problem is described at this URL (still no answer): http://marc.theaimsgroup.com/?l=lartc&m=105049828901812&w=2 > -----Message d'origine----- > De : lartc-admin@xxxxxxxxxxxxxxx [mailto:lartc-admin@xxxxxxxxxxxxxxx]De > la part de xchris > Envoyé : jeudi 1 mai 2003 17:33 > À : lartc@xxxxxxxxxxxxxxx > Objet : [LARTC] Default route - Please Help > > > I've read the howto but i still can't let thinghs go in the right way > > My box has 4 nic. > 2 internet connection eth0,eth1 > 1 dmz eth2 > 1 lan eth3 > > > I would like to nat the internal lan wih one of the 2 ISP. > For my tests i created a script to switch the entire lan from one to the > other (i know it's redundand ....del...add.) > > The problem is that NAT is done only if i set the default gateway (in the > main table) > I have set the 2 default gateways in the other 2 tables but it > seems not to > consider them. > > if i set default gateway to ISP1 and set nat rules to go with ISP2 it > doesn't work!!! > Why??? > > my future plan are to let some client go with ISP1 and other with ISP2 > > Please Help!!! > Any hint apreciated!! > Here is my (long) config. > Bye > > xchris > > > > > eth0 Link encap:Ethernet HWaddr 00:04:76:25:07:D9 > inet addr:192.168.1.237 Bcast:192.168.1.255 Mask:255.255.255.0 > > eth1 Link encap:Ethernet HWaddr 00:04:76:25:07:3D > inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0 > > eth2 Link encap:Ethernet HWaddr 00:04:76:25:07:67 > inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0 > > eth3 Link encap:Ethernet HWaddr 00:04:76:25:07:73 > inet addr:192.168.0.238 Bcast:192.168.0.255 Mask:255.255.255.0 > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > > > Here is my script (just basic... to test routing.. there's no firewall at > all) > it's done to act this way > > script 1 -->all lan go with ISP 1 > script 2 -->all lan go with ISP 2 > > > echo 1 > /proc/sys/net/ipv4/ip_forward > route del default > IF3=eth3 > IF1=eth0 > IF2=eth1 > IP1=192.168.1.237 > IP2=192.168.3.1 > IP3=192.168.0.238 > GW1=192.168.1.238 > GW2=192.168.3.254 > P1_NET=192.168.1.0/24 > P2_NET=192.168.3.0/24 > P3_NET=192.168.0.0/24 > > echo "1 - Creating two additional routing tables" > echo > ip route del $P1_NET dev $IF1 src $IP1 table telecom > ip route add $P1_NET dev $IF1 src $IP1 table telecom > echo 1 > ip route del default via $GW1 table telecom > ip route add default via $GW1 table telecom > echo 2 > ip route del $P2_NET dev $IF2 src $IP2 table fastweb > ip route add $P2_NET dev $IF2 src $IP2 table fastweb > echo 3 > ip route del default via $GW2 table fastweb > ip route add default via $GW2 table fastweb > > echo "2 - Setting Main routing tables" > echo > ip route del $P1_NET dev $IF1 src $IP1 > ip route del $P2_NET dev $IF2 src $IP2 > ip route add $P1_NET dev $IF1 src $IP1 > ip route add $P2_NET dev $IF2 src $IP2 > ip route add default via $GW2 > > > echo "3 - Setting answers from corresponing IPs" > echo > ip rule del from $IP1 table telecom > ip rule del from $IP2 table fastweb > ip rule add from $IP1 table telecom > ip rule add from $IP2 table fastweb > > ip route add $P3_NET dev $IF3 table telecom > ip route add $P2_NET dev $IF2 table telecom > ip route add 127.0.0.0/8 dev lo table telecom > > ip route add $P3_NET dev $IF3 table fastweb > ip route add $P1_NET dev $IF1 table fastweb > ip route add 127.0.0.0/8 dev lo table fastweb > > if test $1 -eq 2 > then > iptables -t nat -F > iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j > SNAT --to-source $IP2 > else > iptables -t nat -F > iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j > SNAT --to-source $IP1 > fi > > > > > my /etc/iproute2/rt_tables# > # reserved values > # > 255 local > 254 main > 253 default > 0 unspec > # > # local > # > #1 inr.ruhep > 1 telecom > 2 fastweb > > > ip rule > > 0: from all lookup local > 32764: from 192.168.3.1 lookup fastweb > 32765: from 192.168.1.237 lookup telecom > 32766: from all lookup main > 32767: from all lookup default > > > ip route > > 192.168.3.0/24 dev eth1 scope link src 192.168.3.1 > 192.168.2.0/24 dev eth2 proto kernel scope link src 192.168.2.1 > 192.168.1.0/24 dev eth0 scope link src 192.168.1.237 > 192.168.0.0/24 dev eth3 proto kernel scope link src 192.168.0.238 > default via 192.168.3.254 dev eth1 > > > ip route table telecom > > 192.168.3.0/24 dev eth1 scope link > 192.168.1.0/24 dev eth0 scope link src 192.168.1.237 > 192.168.0.0/24 dev eth3 scope link > 127.0.0.0/8 dev lo scope link > default via 192.168.1.238 dev eth0 > > > ip route table fastweb > > 192.168.3.0/24 dev eth1 scope link src 192.168.3.1 > 192.168.1.0/24 dev eth0 scope link > 192.168.0.0/24 dev eth3 scope link > 127.0.0.0/8 dev lo scope link > default via 192.168.3.254 dev eth1 > > > > > > > > > > > > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >
