Policy Routing and Forwarding

Hello,

   I'm trying to use policy routing to forward my LAN traffic (which has 
valid Internet addresses, not 10.* or 192.168.* stuff) to a second 
interface, which then will forward it to a third interface, which is 
connected to the Internet.  I want to do this so I can put traffic control 
on the second and third interfaces, and not have it have to police all of 
the packets local to my LAN (doing so causes my P3/800/128Meg RAM machine 
to crash at high volume).

   The problem is, I can't figure out how policy works with FORWARDED 
traffic.  I can go back and forth from eth0 and eth2, but when I try to 
route the traffic through eth1 (Internet - eth0 <-> eth1 <-> eth2 - my LAN) 
I can't even get an ARP packet through, let alone IP.  Does anyone have 
some pointers on how to do rules on forwarded packets, or know of a better 
mailing list to post this sort of thing in?

   Below is an example of the type of script I've been using.

ip rule add dev eth0 table internet  # Links to CISCO router
ip rule add dev eth1 table pipe # Basically a dummy interface
ip rule add dev eth2 table lan # Leads to my LAN, with about 300 machines

ip route add 10.2.1.1/32 dev eth1 table internet
ip route add my.ip.range/subnet via 10.2.1.1 table internet
ip route add  default dev eth0 table internet

ip route add 10.2.1.1/32 dev eth1 table lan
ip route add my.ip.range/subnet dev eth2 table lan
ip route add default via 10.2.1.1 table lan

ip route add my.ip.range/subnet dev eth2 table pipe
ip route add default dev eth0 table pipe


I've also tried using scope global and proto static, but it doesn't make a 
difference.
