Re: `nexthop` at "ip route" command.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

* On Tue, Aug 28, 2001 at 06:11 PM (-0300), Eduardo wrote:

> I have a router with two interfaces, each one to a different carrier. At 
> the router, my default gateway is to carrier #1. Well, the router is 
> connected directly to a Linux firewall box and I need, depending on  the 
> source information of a packet, to route the packet to carrier #2.
> 
> I think that I can use the 'ip rule' and 'ip route' commands. As the 
> firewall default gateway is the router box, I think that I could set the 
> 'nexthop' parameter at the 'ip route' command to do the correct output 
> interface routing when the packet arrives the router, using a command 
> like this:
> 
> ip route add default via *router-ip* nexthop via *router-device-2-ip*
> 
> But I get the following error:
> 
> *RTNETLINK answers: Invalid argument*
> 
> What this could be?

If you want to do a kind of load balancing based on equal cost multipath 
you can try the "ip route" and "nexthop". But therefore the command line 
should look like:

  ip route add default \
  nexthop via *gateway-ip-1* dev *device-1* \
  nexthop via *gateway-ip-2* dev *device-2*

So IMHO you'll need two "nexthop" statements. 

But I don't think that you really want to do equal cost multipath),
you'll rather need policy routing based on the packet's source address. 

<untested>

So I think you should set up different routing tables and each table has 
its own default gateway string, i.e. something like this: 

  ip route add default via *gateway-ip-1* dev *device-1* table 100

  ip route add default via *gateway-ip-2* dev *device-2* table 200

Then you will need "ip rule" commands which specifies the table each
packet has to use, e.g.:

  ip rule add from <source-address-1> table 100 
  ip rule add from <source-address-2> table 100
    .
    .
    .
  ip rule add from <source-address-10> table 200
  ip rule add from <source-address-11> table 200

</untested>

> Thanks,

I hope that I could help you!

Bye,
Steffen
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux 802.1Q VLAN]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Git]     [Bugtraq]     [Yosemite News and Information]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux PCI]     [Linux Admin]     [Samba]

  Powered by Linux