Another question related with this. I've 4 ADSLs and I already use CONNMARK to MARK out/in traffic from ADSLs in order to make a QoS. # iptables -L -t mangle [... snip ...] Chain POSTROUTING (policy ACCEPT 15M packets, 5610M bytes) pkts bytes target prot opt in out source destination 989K 299M MYSHAPER-OUT all -- * ppp3 0.0.0.0/0 0.0.0.0/0 985K 222M MYSHAPER-OUT all -- * ppp2 0.0.0.0/0 0.0.0.0/0 856K 163M MYSHAPER-OUT all -- * ppp1 0.0.0.0/0 0.0.0.0/0 841K 164M MYSHAPER-OUT all -- * ppp0 0.0.0.0/0 0.0.0.0/0 [... snip ...] Chain MYSHAPER-OUT (4 references) pkts bytes target prot opt in out source destination 39254 7491K MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:0:1024 MARK set 0x17 1920K 221M MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1024 MARK set 0x17 1882 153K MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20 MARK set 0x1a 174 9457 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5190 MARK set 0x17 142K 19M MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1863 MARK set 0x17 [... snip ...] Later, with that MARK I put traffic on a HTB class. ... $TC filter add dev $DEV parent nn:0 prio 0 protocol ip handle XX fw flowid nn:yy ... MY Question is: is possible re-mark traffic or put another mark in order to know which PPP interface going out ? Must I use CLASSIFY to shape in/out PPP traffic , and let MARKs to know which PPP interface going out ? best regards. andres -> -> :: L i n u XK i D :: wrote: -> > -> > I've read next link: -> > -> > -> I'm not sure this is still a good link -> > -> -> http://selab.edu.ms/twiki/bin/view/Networking/MultihomedLinuxNetworking -> > -> > is really neccessary mark pakets on this way ? -> -> From the machine on which the 2 ISPs are connected to two different -> NICs, no. It will send and receive packets without marking. Where I -> have a problem is with NATted users; they are tied to one or the other -> ISP (even though I run 'ip route flush cache') unless I mark. -> -> Maybe Julian will give us some hints <grin>? -> -- -> gypsy -> -> > [... snip ...] -> > -> > # iptables -A POSTROUTING -t mangle -j MARK --set-mark 1 \ -> > -m state --state NEW -o ppp0 -> > # iptables -A POSTROUTING -t mangle -j MARK --set-mark 2 \ -> > -m state --state NEW -o ppp1 -> > # iptables -A POSTROUTING -t mangle -j CONNMARK --save-mark \ -> > -m state --state NEW -> > -> > [... snip ...] -> > -> > # iptables -A POSTROUTING -t nat -m mark --mark 1 \ -> > -j SNAT --to-source 11.1.1.1 -> > # iptables -A POSTROUTING -t nat -m mark --mark 2 \ -> > -j SNAT --to-source 22.2.2.2 -> > -> > -> hareram wrote: -> > -> > -> > -> > Hi all -> > -> > -> > -> > iam trying to deploy loadbalance and failover -> > -> > -> > -> > My setup description -> > -> > --Fedora Core 4 -> > -> > --Linux 2.6.12.3 #1 SMP Mon Jul 25 22:37:34 IST 2005 -> i686 i686 i386 -> > -> > GNU/Linux -> > -> > --tc utility, iproute2-ss050314 -> > -> > --ip utility, iproute2-ss050314 -> > -> > --iptables v1.3.0 -> > -> -> > -> You say nothing about Julian's patch, so I assume you did -> not patch your -> > -> kernel. You must do that. -> > -> http://www.ssi.bg/~ja/ -> > -> -> > -> http://www.geocities.com/mctiew/ffw/dual.htm -> > -> -> > -> I'm not sure this is still a good link -> > -> -> http://selab.edu.ms/twiki/bin/view/Networking/MultihomedLinuxNetworking -> > -> so here is an old copy -> > -> http://yesican.chsoft.biz/lartc/MultihomedLinuxNetworking.html -> > -> -- -> > -> gypsy -> > -> _______________________________________________ -> > -> LARTC mailing list -> > -> LARTC@xxxxxxxxxxxxxxx -> > -> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -> > _______________________________________________ -> > LARTC mailing list -> > LARTC@xxxxxxxxxxxxxxx -> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
