Hi, I use iproute2_now_ss020116_try-i386-4 which comes with Slackware 9.1 (what I use it for my linux boxes). These commands work just fine with kernel 2.4.x but not with 2.6.x. IF1=eth1 IP1=xxx.xxx.xxx.xxx P1=xxx.xxx.xxx.xxx P1_NET=xxx.xxx.xxx.xxx/32 IF2=eth0 IP2=xxx.xxx.xxx.xxx P2=xxx.xxx.xxx.xxx P2_NET=xxx.xxx.xxx.xxx/29 # One creates two additional routing tables. # Then you set up routing in these tables as follows: ip route add $P1_NET dev $IF1 src $IP1 table T1 ip route add default via $P1 table T1 ip route add $P2_NET dev $IF2 src $IP2 table T2 ip route add default via $P2 table T2 # Next you set up the main routing table. ip route add $P1_NET dev $IF1 src $IP1 ip route add $P2_NET dev $IF2 src $IP2 # Then, your preference for default route: ip route add default via $P1 # Next, you set up the routing rules. These actually choose what routing table to route with. You want to # make sure that you route out a given interface if you already have the corresponding source address: ip rule add from $IP1 table T1 ip rule add from $IP2 table T2 # This set of commands makes sure all answers to traffic coming in on a particular interface get answered # from that interface. # Lotus Notes server 10.105.105.196 goes via eth0 ip rule add from 10.105.105.196 table notes ip route add default via $P2 dev eth0 table notes # Virtual HTTP server 10.105.105.201 goes via eth0 ip rule add from 10.105.105.201 table http1 ip route add default via $P2 dev eth0 table http1 # local VPN server 10.105.105.20 goes via eth0 ip rule add from 10.105.105.20 table vpnsrv ip route add default via $P2 dev eth0 table vpnsrv # local smtp iptables -t mangle -A PREROUTING -i eth2 -s 10.105.105.198 -p tcp --dport 25 -j MARK --set-mark 0x950 ip rule add fwmark 0x950 table localsmtp ip route add default via $P2 dev eth0 table localsmtp # local VPN clients and ssh out # PPTP iptables -t mangle -A PREROUTING -i eth2 -s 10.105.105.0/24 -p tcp --dport 1723 -j MARK --set-mark 0x960 iptables -t mangle -A PREROUTING -i eth2 -s 10.105.105.0/24 -p 47 -j MARK --set-mark 0x960 # ssh iptables -t mangle -A PREROUTING -i eth2 -s 10.105.105.0/24 -p tcp --dport 22 -j MARK --set-mark 0x960 ip rule add fwmark 0x960 table localvpn ip route add default via $P2 dev eth0 table localvpn ------------------------------------------------------------------ I tried to recompile"iproute2" against current (2.6.0) kernel sources, but it does not help. Remus ----- Original Message ----- From: "Ben Efros" <ben-ra@xxxxxxxxx> To: <lartc@xxxxxxxxxxxxxxx> Sent: Thursday, December 18, 2003 4:46 PM Subject: Re: iproute2 and Kernel 2.6 > Can you please tell us the version of iproute2, how you are making the > routing decisions (ie, what commands are you using?). > > > ----- Original Message ----- > From: "Remus" <rmocius@xxxxxxxxxxxxxx> > To: <lartc@xxxxxxxxxxxxxxx> > Sent: Thursday, December 18, 2003 5:47 AM > Subject: iproute2 and Kernel 2.6 > > > Hi folks, > > I have a linux box with three NICs (two for external ISP, and one local). > Today I tried to use 2.6.0 kernel and somethings is wrong because iproute2 > does not work corretly. > No routed packets go via second ISP NIC. With 2.4.22 kernel I have no > problems at all with packet routing. > > I compiled 2.6.0 kernel myself, maybe I missed something in .config file? > > Thanks > > Remus > > > > "Slackware Linux - Simplicity is Divine." > > > BACKUP IMPORTANT DATA ! > > This is the most important thing ! > Remember that all damages done to your system is at your own risk ! > Always important when you are running Bill Gates Windows ;-) > > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
