I've tried this on my 4 adsl Linux + 10 hosts lan... but works better without "marks" -> -> Another question related with this. -> -> I've 4 ADSLs and I already use CONNMARK -> to MARK out/in traffic from ADSLs in order -> to make a QoS. -> -> # iptables -L -t mangle -> -> [... snip ...] -> -> Chain POSTROUTING (policy ACCEPT 15M packets, 5610M bytes) -> pkts bytes target prot opt in out source -> destination -> 989K 299M MYSHAPER-OUT all -- * ppp3 0.0.0.0/0 -> 0.0.0.0/0 -> 985K 222M MYSHAPER-OUT all -- * ppp2 0.0.0.0/0 -> 0.0.0.0/0 -> 856K 163M MYSHAPER-OUT all -- * ppp1 0.0.0.0/0 -> 0.0.0.0/0 -> 841K 164M MYSHAPER-OUT all -- * ppp0 0.0.0.0/0 -> 0.0.0.0/0 -> -> [... snip ...] -> -> Chain MYSHAPER-OUT (4 references) -> pkts bytes target prot opt in out source -> destination -> 39254 7491K MARK tcp -- * * 0.0.0.0/0 -> 0.0.0.0/0 tcp spts:0:1024 MARK set 0x17 -> 1920K 221M MARK tcp -- * * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpts:0:1024 MARK set 0x17 -> 1882 153K MARK tcp -- * * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:20 MARK set 0x1a -> 174 9457 MARK tcp -- * * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:5190 MARK set 0x17 -> 142K 19M MARK tcp -- * * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:1863 MARK set 0x17 -> [... snip ...] -> -> -> Later, with that MARK I put traffic on a HTB class. -> ... -> $TC filter add dev $DEV parent nn:0 prio 0 protocol ip handle XX -> fw flowid -> nn:yy -> ... -> -> MY Question is: -> is possible re-mark traffic or put another mark in order -> to know which PPP interface going out ? -> -> Must I use CLASSIFY to shape in/out PPP traffic , and let MARKs -> to know which PPP interface going out ? -> -> best regards. -> -> andres -> -> -> -> -> -> -> -> -> -> -> -> -> -> -> -> -> -> -> :: L i n u XK i D :: wrote: -> -> > -> -> -> > I've read next link: -> -> > -> -> > -> I'm not sure this is still a good link -> -> > -> -> -> -> http://selab.edu.ms/twiki/bin/view/Networking/MultihomedLinuxNetworking -> -> > -> -> > is really neccessary mark pakets on this way ? -> -> -> -> From the machine on which the 2 ISPs are connected to two different -> -> NICs, no. It will send and receive packets without marking. Where I -> -> have a problem is with NATted users; they are tied to one or the other -> -> ISP (even though I run 'ip route flush cache') unless I mark. -> -> -> -> Maybe Julian will give us some hints <grin>? -> -> -- -> -> gypsy -> -> -> -> > [... snip ...] -> -> > -> -> > # iptables -A POSTROUTING -t mangle -j MARK --set-mark 1 \ -> -> > -m state --state NEW -o ppp0 -> -> > # iptables -A POSTROUTING -t mangle -j MARK --set-mark 2 \ -> -> > -m state --state NEW -o ppp1 -> -> > # iptables -A POSTROUTING -t mangle -j CONNMARK --save-mark \ -> -> > -m state --state NEW -> -> > -> -> > [... snip ...] -> -> > -> -> > # iptables -A POSTROUTING -t nat -m mark --mark 1 \ -> -> > -j SNAT --to-source 11.1.1.1 -> -> > # iptables -A POSTROUTING -t nat -m mark --mark 2 \ -> -> > -j SNAT --to-source 22.2.2.2 -> -> > -> -> > -> hareram wrote: -> -> > -> > -> -> > -> > Hi all -> -> > -> > -> -> > -> > iam trying to deploy loadbalance and failover -> -> > -> > -> -> > -> > My setup description -> -> > -> > --Fedora Core 4 -> -> > -> > --Linux 2.6.12.3 #1 SMP Mon Jul 25 22:37:34 IST 2005 -> -> i686 i686 i386 -> -> > -> > GNU/Linux -> -> > -> > --tc utility, iproute2-ss050314 -> -> > -> > --ip utility, iproute2-ss050314 -> -> > -> > --iptables v1.3.0 -> -> > -> -> -> > -> You say nothing about Julian's patch, so I assume you did -> -> not patch your -> -> > -> kernel. You must do that. -> -> > -> http://www.ssi.bg/~ja/ -> -> > -> -> -> > -> http://www.geocities.com/mctiew/ffw/dual.htm -> -> > -> -> -> > -> I'm not sure this is still a good link -> -> > -> -> -> http://selab.edu.ms/twiki/bin/view/Networking/MultihomedLinuxNetworking -> > -> so here is an old copy -> > -> http://yesican.chsoft.biz/lartc/MultihomedLinuxNetworking.html -> > -> -- -> > -> gypsy -> > -> _______________________________________________ -> > -> LARTC mailing list -> > -> LARTC@xxxxxxxxxxxxxxx -> > -> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -> > _______________________________________________ -> > LARTC mailing list -> > LARTC@xxxxxxxxxxxxxxx -> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
