Re: Fwd: Inbound and outbound traffic problem

Linux Advanced Routing and Traffic Control


Hi,
There is another way to do this, but I doubt that it is any more elegant than what you have right now. I have just completed this same task and I can say that if I could have used your method - overlaying another subnet - I would have done so since it's a cleaner solution in my view.

I used iptables to "mark" the packets of the flows that were generated by the server (WWW).
I created a second routing table with its own default route.
I created an "ip rule" which looks for a "mark" on the packets and directs those packets to the new routing table.

Keep in mind, for this to work correctly you need to be using NAT or Masquerade on at least one of your ISP ports.

Regards Mike






Janis Daniel Bistevins wrote:

Sorry if I can't explain correctly what my problem is.
What I need is to route traffic originated inside my lan by one ISP,
and traffic coming from another ISP (mostly requests to machines
inside the lan) back by the same ISP.
The way I've found is by creating two different networks inside my lan.
Those machines running services have two IPs on their NICs. That way I
can route depending on the source of the packets.
I have a snapshot of my drawing, so you can figure this out.

http://www.iglobal.com.ar/~janis/snap0000.xpm


---------- Forwarded message ----------
From: Janis Daniel Bistevins <bistevins@xxxxxxxxx>
Date: Dec 19, 2005 12:05 PM
Subject: Inbound and outbound traffic problem
To: lartc@xxxxxxxxxxxxxxx


                    +----------+
 +----+   ISP A     |          |
 |    |-------------|          |
 +----+             |          |            +-------+
                    |  ROUTER  |   NET C    |  www  |
                    |  LINUX   |------------|       |
                    |          |   NET D    +-------+
 +----+   ISP B     |          |
 |    |-------------|          |
 +----+             |          |
                    +----------+


Hi!
I need requests to www arriving from net ISP A to return by the
same route, but connections initiated from www to go out by net ISP B.

The only way I have discovered so far is creating two different
networks (NET C and NET D).
So, www has a route to ISP A by NET C and a default route by NET D.
On the Linux Router everything coming from NET D is routed by NET B
and everything coming from NET C is routed by NET A.
This is accomplished by creating logical interfaces on www and on the
Linux Router.

Is there another way to do this?

Thanks in advance.
Regards.

--
            Janis Bistevins
>Belief is 9/10 of YOUR reality<



------------------------------------------------------------------------

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

--

Regards Mike.

Michael Davidson
Barone Budge & Dominick
Email: michael@xxxxxxxxx
Office: +27 11 532 8380
BB&D :  +27 11 532 8300
Fax:    +27 11 532 8400
Mobile: +27 82 650 5707
Home:   +27 11 452 4423	

This e-mail is confidential and subject to the disclaimer published at
http://www.bbd.co.za
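
The three steps Mike describes above (mark, second routing table, ip rule), plus the NAT he mentions, as an added example that is not part of the original thread. Interface names, addresses, the mark value, the table number and the use of CONNMARK with conntrack state to pick out flows started by www are all assumptions; by default the script only prints the commands.

```shell
#!/bin/sh
# Added example: mark-based policy routing on the Linux router.
# All names and addresses below are assumptions, not values from the thread.
LAN_IF=${LAN_IF:-eth0}            # interface facing the www server
WWW_IP=${WWW_IP:-192.0.2.10}      # www server (documentation address)
ISPB_IF=${ISPB_IF:-eth2}          # interface facing ISP B
ISPB_GW=${ISPB_GW:-198.51.100.1}  # ISP B next hop (documentation address)
MARK=${MARK:-0x1}                 # firewall mark for flows started by www
TABLE=${TABLE:-200}               # number of the second routing table
DRY_RUN=${DRY_RUN:-1}             # 1 = print commands, 0 = apply (needs root)

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

setup_marked_route() {
    # 1. Tag connections that www itself opens. Replies to requests that
    #    arrived from outside are ESTABLISHED, so they are never tagged.
    run iptables -t mangle -A PREROUTING -i "$LAN_IF" -s "$WWW_IP" \
        -m conntrack --ctstate NEW -j CONNMARK --set-mark "$MARK"
    # Copy the connection mark onto every packet from www so later packets
    # of a tagged flow carry the mark when the routing decision is made.
    run iptables -t mangle -A PREROUTING -i "$LAN_IF" -s "$WWW_IP" \
        -j CONNMARK --restore-mark
    # 2. Second routing table with its own default route (via ISP B).
    run ip route add default via "$ISPB_GW" dev "$ISPB_IF" table "$TABLE"
    # 3. Rule that sends marked packets to that table.
    run ip rule add fwmark "$MARK" table "$TABLE"
    # NAT on the ISP B port so return traffic comes back through ISP B.
    run iptables -t nat -A POSTROUTING -o "$ISPB_IF" -j MASQUERADE
}

setup_marked_route
```

Unmarked packets, including www's replies to inbound requests, keep following the main routing table. Set DRY_RUN=0 and run as root to apply the commands instead of printing them.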

