routing policy question

Linux Advanced Routing and Traffic Control

I'm attempting to perform some class based routing
using Linux in combination with quagga/zebra. My current
experience is with FreeBSD/ipfw/quagga.

I've read most of the LARTC documentation as well
as Martin Brown's Guide to IP Layer Network Admin.

Here are the basics of my setup:

      |- R1 <-> ISP1
   R0-|
      |- R2 <-> ISP2
      |
      |- R3 <-> ISP3

All outgoing traffic from R0 to the Internet goes to R3, which performs
the routing decisions. So all of my questions correspond to policies
that I need to configure on R3 using netfilter and iptables.

R3 has 8k specific routes (via BGP) from ISP3 and has its default set
to the directly attached network connection of R2.

Here are the basic rules/policies:

        1. All traffic from R0 with source address matching N1
           should have as its next hop R1.

        2. All other traffic from R0 with source address matching N2
           should be forwarded to ISP3 if the destination address
           matches any of the 8k routes, otherwise get forwarded to R2.

        3. All remaining traffic from R0 should be forwarded to ISP3 if
           the destination address matches any of the 8k routes, otherwise
           get forwarded to R1.

I can accomplish rule 1 easily by adding a routing table with say
priority 100 into the routing policy database that has a rule
that says if src matches N1 then set the default to be R1.

But I'm not as certain on how to implement policies 2 and 3, given that
I need to traverse the "main" routing table first and then have
each category of traffic have a different default.

Would it be possible to set the ToS in the incoming traffic
at the mangle/PREROUTING stage and then have two defaults
in the main routing table, one that matches policy 2 and the
other policy 3?

-- 
Russell P. Sutherland      	Email: russ @ madhaus.cns.utoronto.ca
4 Bancroft Ave., Rm. 102	Voice: +1.416.978.0470
University of Toronto		Fax:   +1.416.978.6620
Toronto, ON  M5S 1C1 		WWW:   http://madhaus.cns.utoronto.ca/~russ
CANADA
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
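
Added example, not part of the original post or of any reply on the list: a small Python model of the routing policy database lookup order for the three policies above. It assumes one possible arrangement in which "main" holds only the BGP specifics (no default) and per-source default tables are consulted by rules placed after it; the prefixes, table names and all priorities except the stock 32766 are constructed.

```python
import ipaddress

# Constructed sample prefixes (assumptions; the post gives no addresses).
N1 = ipaddress.ip_network("192.0.2.0/25")
N2 = ipaddress.ip_network("192.0.2.128/25")
ANY = ipaddress.ip_network("0.0.0.0/0")

# Routing tables: prefix -> next hop. "main" carries two stand-ins for the
# 8k BGP routes and, in this assumed arrangement, no default route.
TABLES = {
    "n1":   {ANY: "R1"},
    "main": {ipaddress.ip_network("198.51.100.0/24"): "ISP3",
             ipaddress.ip_network("203.0.113.0/24"): "ISP3"},
    "n2":   {ANY: "R2"},
    "rest": {ANY: "R1"},
}

# Rules as (priority, source selector, table), in the spirit of
# `ip rule add from <selector> lookup <table> pref <priority>`.
RULES = [
    (100,   N1,  "n1"),    # policy 1: matched before main
    (32766, ANY, "main"),  # the kernel's stock rule for table main
    (32800, N2,  "n2"),    # policy 2 default, tried only after main misses
    (32900, ANY, "rest"),  # policy 3 default, tried only after main misses
]

def lookup(table, dst):
    """Longest-prefix match in one table; None if no route matches."""
    hits = [p for p in TABLES[table] if dst in p]
    return TABLES[table][max(hits, key=lambda p: p.prefixlen)] if hits else None

def next_hop(src, dst):
    """Walk rules in priority order; the first table that yields a route wins."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(RULES, key=lambda r: r[0]):
        if src in selector:
            hop = lookup(table, dst)
            if hop is not None:
                return hop, table
    return None, None

if __name__ == "__main__":
    # Constructed test flows: (source, destination).
    for src, dst in [("192.0.2.10", "198.51.100.5"), ("192.0.2.200", "198.51.100.5"),
                     ("192.0.2.200", "100.64.0.1"), ("10.0.0.7", "203.0.113.9"),
                     ("10.0.0.7", "100.64.0.1")]:
        print(src, "->", dst, "via", *next_hop(src, dst))
```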
