Thanks Alexander for this.
On Thu, 2005-05-12 at 08:12, Alexander Samad wrote:
> On Wed, May 11, 2005 at 08:00:30AM +0200, Hamish Whittal wrote:
> > Hi all,
> > I have the following configuration:
> > _______
> > +------------+ /
> > diginet link | | |
> > +-------------+ Provider 1 +-------
> > __ | | | /
> > ___/ \_ +------+-------+ +------------+ |
> > _/ \__(eth0)| eth1 (stat) | /
> > / \ 254| | |
> > | Local network -----+ Linux router | | Internet
> > \192.168.1.x __/ | | |
> > \__ __/ | eth2 (dyn) | \
> > \___/ +------+-------+ +------------+ |
> > 254| |ppp0 | | \
> > (eth3)| +-------------+ Telecomms +-------
> > | adsl link | ADSL | |
> > ___ | +------------+ \________
> > _/ \__ |
> > __/ \___ |
> > / \----+
> > | Local Network |
> > \__172.16.1.x__/
> > \__ ___/
> > \_/
> >
> > So, with some assistance, I have set up the following:
> > Table main:
> > 165.146.128.1 dev ppp0 proto kernel scope link src 165.146.yy.yy
> > 196.xx.xx.xx/nn dev eth1 proto kernel scope link src 196.xx.xx.xx
> > 10.0.0.0/24 dev eth2 proto kernel scope link src 10.0.0.254
> > 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.254
> > default via 196.xx.xx.xx dev eth1
> > (the default route here is going out through the diginet link -
> > 196.xx.xx.xx in this table)
> >
> > table adsl:
> > 10.0.0.0/24 dev eth2 scope link
> > 192.168.1.0/24 dev eth0 scope link
> > 127.0.0.0/8 dev lo scope link
> > default via 165.146.yy.yy dev ppp0
> >
> > the rules:
> > 0: from all lookup local
> > 90: from all to 192.168.1.0/24 lookup main
> > 100: from 192.168.1.0/24 lookup adsl
> > 32766: from all lookup main
> > 32767: from all lookup default
>
> You need to have another rule
>
> 100: from {adsladdress}/32 lookup adsl
>
> because your packets is getting MASQ and then rehitting the routing
> table, which says roue out the default link which is actually the digi
> link, most isp don;t allow asym routing of packets (ie will not allow
> you to send a packet with a source address not in their address space),
> it will probably still have the 172 address on it (not sure)
>
> You should be able to confirm this by tcpdump'ing on eth1
>
I tried what you said, but got a message along the lines of
"Route sent us somewhere else"
I did a bit of googling and now see that it seems this is a known
problem and requires a kernel patch.....
So, I am continuing to search.
I currently run Debian with stock 2.6.7-1 kernel.
Seems like a recompile is imminent.
Cheers
Hamish
-------------------------------------------------------------------
| Hamish Whittal | Mobile: +27 82 803 5533 |
| QED Technologies cc | landline: +27 21 671 7710 |
| 21 Marne Avenue, Claremont, Cape Town | fax: +27 21 674 9184 |
|________________fortune cookie below autogenerated_________________|
You will have a long and boring life.
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
