What I tried to do: Use 2 links with loadsharing + falt toletant (to add bandwitdh)
ok ! I am use Debian Etch in router/fw With kernel debian default + routes-2.6.17-12.diff patch
The Problem:
The iproute2 just route thought the last gateway of nexthop rule.
I was running tcpdump in 2 terminals,
tcpdump -nni eth0 ...
tcpdump -nni eth1 ...
When the mark rule is set to --set-mark 0x1 they use eth0
When the mark rule is set to --set-mark 0x2 they use eth1
When the mark rule is set to --set-mark 0x3 they use the last gateway in rule with nexthop.
exemple1:
default proto static
nexthop via 200.253.10.129 dev eth1 weight 1
nexthop via 201.49.17.1 dev eth0 weight 1
connections was sending through 201.49.17.1 eth0
exemple2:
default proto static
nexthop via 201.49.17.1 dev eth0 weight 1
nexthop via 200.253.10.129 dev eth1 weight 1
connections was sending through 200.253.10.129 eth1
But dont use both at the same time. Someone can help with this thread?
My conf was based in http://www.ssi.bg/~ja/nano.txt article
CSD0101LNX00F:~# uname -a
Linux CSD0101LNX00F 2.6.17-2006-12-08 #1 Fri Dec 8 14:09:37 BRT 2006 i686 GNU/Linux
CSD0101LNX00F:~# cat /etc/iproute2/rt_tables
255 local
254 main
253 default
0 unspec
200 router1
201 router2
202 router3
CSD0101LNX00F:~# ip route
200.253.10.128/26 dev eth1 proto kernel scope link src 200.253.10.137
201.49.17.0/25 dev eth0 proto kernel scope link src 201.49.17.50
10.0.0.0/22 dev eth3 proto kernel scope link src 10.0.0.1
172.31.0.0/22 dev eth2 proto kernel scope link src 172.31.0.175
CSD0101LNX00F:~# ip route show table router1
201.49.17.50 via 201.49.17.1 dev eth0
200.253.10.128/26 dev eth1 proto kernel scope link src 200.253.10.137
201.49.17.0/25 dev eth0 proto kernel scope link src 201.49.17.50
10.0.0.0/22 dev eth3 proto kernel scope link src 10.0.0.1
172.31.0.0/22 dev eth2 proto kernel scope link src 172.31.0.175
default via 201.49.17.1 dev eth0
CSD0101LNX00F:~# ip route show table router2
200.253.10.137 via 200.253.10.129 dev eth1
200.253.10.128/26 dev eth1 proto kernel scope link src 200.253.10.137
201.49.17.0/25 dev eth0 proto kernel scope link src 201.49.17.50
10.0.0.0/22 dev eth3 proto kernel scope link src 10.0.0.1
172.31.0.0/22 dev eth2 proto kernel scope link src 172.31.0.175
default via 200.253.10.129 dev eth1
CSD0101LNX00F:~# ip route show table router3
default proto static
nexthop via 200.253.10.129 dev eth1 weight 1
nexthop via 201.49.17.1 dev eth0 weight 1
CSD0101LNX00F:~# ip rule
0: from all lookup 255
25: from all fwmark 0x3 lookup router3
26: from 201.49.17.50 lookup router1
27: from 200.253.10.137 lookup router2
29: from all fwmark 0x1 lookup router1
30: from all fwmark 0x2 lookup router2
32766: from all lookup main
32767: from all lookup default
Iptables Mark rule:
CSD0101LNX00F:~# iptables-save |grep MARK
-A PREROUTING -i eth2 -j MARK --set-mark 0x3
Iptables NAT rules:
CSD0101LNX00F:~# iptables-save |grep POSTROUTING
:POSTROUTING ACCEPT [55:4157]
-A POSTROUTING -s 172.31.0.0/255.255.252.0 -o eth0 -j MASQUERADE
-A POSTROUTING -s 172.31.0.0/255.255.252.0 -o eth1 -j SNAT --to-source 200.253.10.137
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
