Hello, > Alternatively, you can force your DHCP server to bind on the > interfaces you want. I already did that, and even though the primary interface is not in that list, the DHCP sends out replies on that interface. >> What am I doing wrong and what must be done to achieve the desired >> behaviour? > > In OUTPUT chain, the outbound interface is already defined. You should > be marking in PREROUTING. Going on from my routing configuration I described in my answer to Oleg, I typed the following: root@machine:~# iptables -t mangle -A PREROUTING -p udp --source-port bootps -d 129.217.22.0/24 -j MARK --set-mark 122 root@machine:~# ip rule add fwmark 122 table 122 root@machine:~# ip rule show 0: from all lookup local 19999: from all fwmark 0x7a lookup 122 20000: from 129.217.4.0/24 lookup 104 20000: from 129.217.2.0/24 lookup 102 20000: from 129.217.10.0/24 lookup 110 20000: from 129.217.11.64/26 lookup 226 20000: from 129.217.12.0/24 lookup 112 20000: from 129.217.14.0/24 lookup 114 20000: from 129.217.16.0/24 lookup 116 20000: from 129.217.22.0/24 lookup 122 20000: from 129.217.26.0/24 lookup 126 20000: from 129.217.28.0/24 lookup 128 20000: from 129.217.33.0/24 lookup 133 20000: from 129.217.38.0/24 lookup 138 20000: from 129.217.45.0/25 lookup 145 20000: from 129.217.47.128/26 lookup 215 20000: from 129.217.47.192/26 lookup 214 20000: from 129.217.62.0/24 lookup 76 20000: from 129.217.63.0/26 lookup 211 32766: from all lookup main 32767: from all lookup default This does not work, DHCP unicast replies to 129.217.22.0/24 are still being send over eth1.104. Regards Christoph -- To unsubscribe from this list: send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
