Hello,

I have set up a multipath gateway. The system is a Linux 2.4.29 kernel, iproute 20010824, iptables 1.2.11. Here is the setup:

firewall:/# ip rule
0:      from all lookup local
100:    from all lookup main
152:    from all fwmark 10 lookup wan1
153:    from all fwmark 20 lookup wan2
201:    from 213.223.96.121 lookup wan1
202:    from 82.236.230.217 lookup wan2
1000:   from all lookup away

Fw-cgarp:/etc/firegate# ip route ls table wan1
default via 213.223.96.122 dev eth0 src 213.223.96.121
prohibit default metric 1

Fw-cgarp:/etc/firegate# ip route ls table wan2
default via 82.236.230.254 dev eth3 src 82.236.230.217
prohibit default metric 1

Fw-cgarp:/etc/firegate# ip route ls table away
default
        nexthop via 82.236.230.254 dev eth3 weight 1
        nexthop via 213.223.96.122 dev eth0 weight 1

Fw-cgarp:/etc/firegate# iptables-save -t mangle
# Generated by iptables-save v1.2.11 on Wed Apr 6 11:57:06 2005
*mangle
:PREROUTING ACCEPT [3281:1066576]
:INPUT ACCEPT [411:32992]
:FORWARD ACCEPT [2870:1033584]
:OUTPUT ACCEPT [339:63745]
:POSTROUTING ACCEPT [3195:1096657]
-A PREROUTING -p tcp -m tcp --dport 25 -j MARK --set-mark 0xa
-A PREROUTING -p tcp -m mport --dports 80,443,21 -j MARK --set-mark 0x14
COMMIT
# Completed on Wed Apr 6 11:57:06 2005

So with this configuration all the http, https and ftp traffic must be routed by the 'wan2' connection.

I have done several tests and it doesn't work. I have also added a realms mark to my routing rule, and with the "rtacct" command I saw that traffic was going through the correct rule, but http traffic continues to be balanced between the two connections...

Does someone see the problem?

Thx in advance.