Paul,
[ Sorry for the slow reply. ]
: As requested I am attaching my network topology and routing tables. I
: can see that my request was a little ambiquous so heres a little more
: info
[ good and accurate description, based on LARTC HOWTO, snipped ]
: Here in lies the problem. I use ping as an application first. If I just
: ping an address which happens to be accessible via both networks e.g.
: ping 194.159.243.228 (www.sip.com) then frames will not actually route
: out of my system. This is because there is no rule or route to return a
: source address. Now if I include the interface ping -i IF1
: 194.159.243.228 then frames are sent out on IF1. This works because the
: ping application binds to the source address of the interface.
You could add a multipath route into your main routing table. Then at
any given time, a new route lookup in the main routing table would return
something at least.
: I want to be able to simultaneously get the same web page via both
: routers. Hence in this application the destination address will always
: be the same. This discounts routing by destination address.
As an example, I would recommend using "wget --bind-address=172.21.1.12"
--bind-address=ADDRESS
When making client TCP/IP connections, "bind()" to
ADDRESS on the local machine. ADDRESS may be speci
fied as a hostname or IP address. This option can be
useful if your machine is bound to multiple IPs.
: As my application resides well above the socket layer, there is no
: access to the bind facility.
Ah! Now that's a problem for which I have no solution!
: Now this is why I'm thinking of Marking frames with the target
: interface ID based on the PID of the application. Hence each frame
: that the application sends will then be marked with either a 1 or a 2.
: I can then add two further rules which would then route based on the
: Mark to either T1 or T2 which will. However a response I have received
: indicates that this is not reliable.
Indeed, it is not. This reply was accurate (to my knowledge).
: So back to my original question which I suppose is how do you get an
: application to be able to select the source address if you don't have
: access to bind ?
Indeed--unfortunately, this is a problem for which I have no answer. I
believe I have seen subsequent postings from you where you are
experimenting with using netfilter to route packets out particular
interfaces, and I saw somebody else mention a desired netfilter
<software type="imagined">-j RT_LOOKUP</software> target.
Best of luck,
-Martin
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx
