Edwin Chiu wrote:
>
> Have you tried just:
>
> ip rule to 192.168.0.0/24 lookup masq_table pref 1000
This does of course work, but then I can't send out packets via the
other IP addresses.
> You might also play around with your preferences.. try 10, and see if the
> other rules might not
> be interfering somehow (201?). Try removing the main table as well ;)
The problem is that I want all packets bound to one of the three
specific IP addresses to be stamped with that address when they go out.
After that, I want all generic packets going to that subnet to be
stamped with the floating IP address. This only seems to work if the
floating address is the first one listed in the address listing, no
matter what is specified in the "via" parameter in the masq_table.
> You should be able to test the routing by doing a:
>
> ip route get from src-ip to dst-ip
If I change the ordering in "ip addr" so that the 0.1 comes before 0.20
for eth0, then I get:
#ip ro get to 192.168.0.10
192.168.0.10 dev eth0 src 192.168.0.1
cache mtu 1500 rtt 300
whereas if I put 0.20 before 0.1, I get:
# ip ro get to 192.168.0.10
192.168.0.10 dev eth0 src 192.168.0.20
cache mtu 1500 rtt 300
I then tested using only the following in masq_table (taking the via
part out entirely)
# ip ro li table masq_table
default dev eth1 scope link
This then tried to use the first IP address listed under the "ip addr"
listing when I tried to ping 192.168.0.10, even if that ip address
wasn't on the right subnet.
So it looks like the "via" parameter really only controls what subnet to
use on an interface, not what IP address to use. This doesn't seem
quite right to me somehow.
--
Chris Friesen | MailStop: 043/33/F10
Nortel Networks | work: (613) 765-0557
3500 Carling Avenue | fax: (613) 765-2986
Nepean, ON K2H 8E9 Canada | email: cfriesen@nortelnetworks.com
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
