On 7/31/19 3:10 AM, Marco Gaiarin wrote:
Ok. I manage some gateways that handle two or more connections to ISPs; I balance traffic between routes, and sometimes via policy routing I 'bind' some traffic to some interfaces (forward traffic, so PREROUTING in mangle).
Thank you for the high level. I figured that was the case, but I wanted to ask to be sure.
This time I needed to bind locally generated traffic, because one of the two lines uses a dynamic IP and the service I use needs a static IP (they have some ACLs).
That makes perfect sense. I do wonder if a static route via the ISP connection with the static IP might suffice. (Which it sounds like you might now be doing that.)
Initially I've simply applied the same policy I was used to, but it does not work (clearly, PREROUTING is for forwarded traffic, not for the locally generated one! Stupid me! ;). Then I've tried with OUTPUT, but with the same result. Now I'm using explicit routing, and it clearly works. But I was curious, so I've posted here.
*nod*
Do you mean this? https://netdevconf.org/1.2/papers/ahern-what-is-l3mdev-paper.pdf
Yes.
I've no kernel 4.4, but I'm using load balancing with: https://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.multiple-links.html and I suppose it is a similar concept...
Yes. I think l3mdev takes that concept and extends it such that you don't need to worry about rules / fwmarks / etc. Instead, the l3mdev plumbing takes care of choosing what routing table is used automatically.
-- Grant. . . . unix || die