Dear Edesio; Thank you for your help. I tried to download the patch and apply it to fedora core 2, but I got lots of errors. I believe the patch is for kernel 2.4 and my kernel is 2.6.5. Either, I need to find a distribution that uses kernel 2.4 or try something else. So far, I have changed my configuration a bit; I have 2 DSL lines connected to ADSL modems, I am trying to split my local networks between these two lines. My uplinks are eth3 - 192.168.2.100 with gw 192.168.2.1 and eth1 - 192.168.3.100 with gw 192.168.3.1 Still same config for eth0 eth0 : 172.16.55.0/24 eth0:0 172.16.56.0/24 eth0:1 172.16.57.0/24 eth0:2 172.16.55.0/24 I tried SNAT with ip route ; iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -o eth1 -j SNAT --to-source 192.168.3.100 iptables -t nat -A POSTROUTING -s 172.16.56.0/24 -o eth3 -j SNAT --to-source 192.168.2.100 iptables -t nat -A POSTROUTING -s 172.16.57.0/24 -o eth1 -j SNAT --to-source 192.168.3.100 iptables -t nat -A POSTROUTING -s 172.16.58.0/24 -o eth3 -j SNAT --to-source 192.168.2.100 ip rule add from 192.168.3.100 table 10 ip rule add from 192.168.2.100 table 20 ip route add default via 192.168.3.1 dev eth1 table 10 ip route add default via 192.168.2.1 dev eth3 table 20 ip route add default via 192.168.3.1 This is where I got stuck. Any more ideas? I am not trying to implement per packet route sharing, just a simply source based routing. Best Regards, On 6/10/05, Edesio Costa e Silva <edesio@xxxxxxxxxxxxxxxx> wrote: > Hi! > > I had a similar problem, two internal networks and two links. I had to apply > the patch at http://www.ssi.bg/~ja/routes-2.4.29-9.diff. It seems the > packets got a source address while masquerading and when they are routed > outbound the source address doesn't match the link address. > > MAYBE, just MAYBE, the problem can also be solved if you use SNAT instead of > MASQUERADING. > > I hope this helps. > > Edésio > > On Fri, Jun 10, 2005 at 03:54:30PM +0300, aristo7514 aristo7514 wrote: > > Hello, > > > > Since I could not figure out my previous problem, let me ask in a different way. > > > > I have 3 networks inside my LAN. They are 172.16.55.0/24 , > > 172.16.56.0/24 and 172.16.57.0/24 respectively. They all use eth0 as > > an alias. > > > > I also have 2 uplinks to different ISPs. One of them is leased line > > and the other one is ADSL. > > > > One of my uplink is 81.8.120.18/30 with gateway 81.8.120.17 on eth1 > > and the other one is 172.18.10.30/24 with gateway 172.18.10.2 on eth3. > > > > I am trying to split my internal networks to these two providers. > > > > So, > > iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -i eth1 -j MASQUERADE > > > > iptables -t nat -A POSTROUTING -s 172.16.56.0/24 -i eth3 -j MASQUERADE > > > > iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -i eth1 -j MASQUERADE > > > > This is what I am trying to set up. I also looked at the lartc.org and > > tried to implement split access. > > > > ip route add default scope global nexthop via 81.8.124.17 dev eth1 > > weight 1 nexthop via 172.18.10.2 dev eth3 weight 1 > > > > This command works if I ping from the linux router itself. It chooses > > a path and successfully returns ping results. > > > > But the NAT does not work. > > I got a message; > > > > MASQUERADE : Route sent us somewhere else. > > > > What would be the solution to this problem? > > > > Best Regards, > > _______________________________________________ > > LARTC mailing list > > LARTC@xxxxxxxxxxxxxxx > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > > -- > Grief can take care of itself, but to get the full value of a joy you must > have somebody to divide it with. -- Mark Twain > _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
