Re: 2 ISP connection sharing problem

Linux Advanced Routing and Traffic Control


 



Here is my natting script
--------------

IPTABLES=/sbin/iptables

# Enable IPv4 forwarding, then flush the filter and nat tables
echo 1 > /proc/sys/net/ipv4/ip_forward
$IPTABLES -F
$IPTABLES -t nat -F

# Load the NAT helper for FTP
/sbin/modprobe ip_nat_ftp

INTERNAL_NETWORK="192.168.3.0/24"

# Masquerade LAN traffic leaving through either ISP interface
$IPTABLES -t nat -A POSTROUTING -s $INTERNAL_NETWORK -o eth2 -j MASQUERADE
$IPTABLES -t nat -A POSTROUTING -s $INTERNAL_NETWORK -o eth1 -j MASQUERADE

# Accept established/related traffic (this script does not set any chain policy)
$IPTABLES -A INPUT -i eth0 -s $INTERNAL_NETWORK -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i eth0 -o eth2 -s $INTERNAL_NETWORK -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i eth0 -o eth1 -s $INTERNAL_NETWORK -m state --state ESTABLISHED,RELATED -j ACCEPT
-------------------

On 9/5/07, Pan'ko Alexander <pankoAA@xxxxxxxxx> wrote:
On Tue, 4 Sep 2007 22:55:17 +0500
Arman <arman.anwar@xxxxxxxxx> wrote:

> Hi all,
>       I am now testing the simplest scenario. I have an IP 192.168.3.5 on the
> intranet. I want to route it through ISP1. All other traffic will go through
> ISP2, which is the default gateway on the machine, so I don't need to add any
> rule for that. I have executed the following commands
> ----
> echo 150 ISP1 >> /etc/iproute2/rt_tables
> ip rule add from  193.168.3.5/32 to 0.0.0.0/0  table ISP1
> ip route add default via 192.168.1.1  table ISP1
> ip route flush cache
> ----
> The following is the state of the tables
>
> [root@localhost ~]# ip rule list
> 0:      from all lookup local
> 32764:  from 193.168.3.5 lookup ISP1
> 32765:  from 193.168.3.5 lookup ISP1
> 32766:  from all lookup main
> 32767:  from all lookup default
>
> [root@localhost ~]# route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.3.0      *               255.255.255.0   U     0      0        0 eth0
> 203.81.198.0    *               255.255.255.0    U     0      0        0 eth2
> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
> 169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
> default         203.81.194.24   0.0.0.0          UG    0      0        0 eth2
>
> [root@localhost ~]# ip route list table ISP1
> default via 192.168.1.1 dev eth1
>

I have a very similar configuration and it is working.

> system is natted.

What and how is natted?

The right way is:
iptables -t nat -A POSTROUTING -s 192.168.3.5 -j MASQUERADE

Or
iptables -t nat -A POSTROUTING -s 192.168.3.5 -j SNAT --to-source (ip of eth1)


Maybe you have
iptables -t nat -A POSTROUTING -s 192.168.3.0/24 -j SNAT --to-source (ip of eth2)
It is wrong.

Try to determine the routing with tcpdump -i ethX.

>
> I have checked for IP 192.168.3.5, but it still goes out through the default
> gateway. It is not following my settings. Internet is working for 192.168.3.5
> but through ISP2. Will I have to do something with the main table?
>
> --
> Regards,
> Arman
>


--
With best regards, Pan'ko Alexander.




--
Regards,
Arman Anwar
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
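
A check for the policy-routing setup discussed in this thread, added here as an example and not written by either poster: it reads "ip rule list" output and prints every rule whose "from" selector lies outside the internal network, run here on the listing quoted in the post against 192.168.3.0/24 from the NAT script. The function names (ip_to_int, in_cidr, stray_rules, post_rules) are hypothetical, and a prefix selector is judged by its network address only.

```sh
#!/bin/sh
# Added example (not from the thread): list "ip rule" entries whose source
# selector lies outside the internal network.

# Dotted-quad IPv4 address -> 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address on dots
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeeds when address $1 lies inside CIDR block $2 (e.g. 192.168.3.0/24).
in_cidr() {
    net=${2%/*}; bits=${2#*/}
    mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
    [ $(( $(ip_to_int "$1") & $mask )) -eq $(( $(ip_to_int "$net") & $mask )) ]
}

# Reads "ip rule list" output on stdin and prints every rule whose "from"
# selector is not inside the internal network given as $1.
stray_rules() {
    while read -r prio kw src rest; do
        [ "$kw" = "from" ] || continue
        [ "$src" = "all" ] && continue
        in_cidr "${src%/*}" "$1" || echo "$prio $kw $src $rest"
    done
    return 0
}

# The "ip rule list" output quoted in the post above.
post_rules() {
    cat <<'EOF'
0:      from all lookup local
32764:  from 193.168.3.5 lookup ISP1
32765:  from 193.168.3.5 lookup ISP1
32766:  from all lookup main
32767:  from all lookup default
EOF
}

# Internal network taken from the NAT script in the thread.
post_rules | stray_rules 192.168.3.0/24
# On a live router: ip rule list | stray_rules 192.168.3.0/24
```

A rule printed by this check never matches packets sourced from the LAN, so that traffic falls through to the main table and its default route.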
