On Fri, 2003-10-17 at 09:35, Madhuri Patwardhan wrote:
> Hi,
>
> I would like to choose the appropriate routing table using the packet
> source address which is altered by the NAT table post-routing chain.
> Is it possible? I have given the detailed scenario below.
>
> This is what I have:
>
> I have a linux box with connections to two WAN links.
> We are doing load balancing using Ultra monkey software. The same linux
> box also works as a Linux director and directs the packets to real
> servers. The real servers have private IPs. It is similar to the
> example given on the ultramonkey site:
> http://www.ultramonkey.org/2.0.1/topologies/lb-eg.html
>
> On the Linux Director box (which has two WAN links), masquerading for
> the real server's private IPs happens with the following command.
>
> /sbin/iptables -t nat -A POSTROUTING -j MASQUERADE -s 192.168.6.0/24
> (as given in the example on ultramonkey site, which is mentioned above)
>
> So, in the POSTROUTING chain the source address gets changed to one of
> the WAN links' public IPs.
>
> I would like to route the reply packets on the same WAN link on which
> the query came.
>
> For example:
>
> I have two WAN links whose IP ranges are 203.199.51.0/24 (WAN link X) and
> 203.197.74.128/25 (WAN link Y).
>
> A packet comes on WAN link X destined to an address 203.199.51.159, which
> is a virtual IP of the Linux Director on the Linux box.
>
> This packet is handed over to the real server which generates a reply and
> sends the packet back to the Linux Director. The Linux Director changes the
> source IP to 203.199.51.159 as per the iptables masquerade rule mentioned
> above in the NAT table's post-routing chain.
>
> I have created two routing tables, one with a default route of WAN link X
> and the other with a default route of WAN link Y. Depending on the
> source address, in this case 203.199.51.159, I would like it to choose
> the appropriate routing table and hence WAN link X.
>
> Is this possible? What I am wondering is, since it is in the post-routing
> chain that the source address is changed, is it possible that rerouting
> will happen again and the appropriate default route will be chosen after
> the postrouting chain is traversed?
>
>
> If any part needs better explanation please let me know. I would really
> appreciate any pointers/clues.
>

How are you doing the 'redirector' part? Are you redirecting the
incoming requests using iptables?

It sounds like what you're after is DNAT with connection tracking.
(unless I missed the bus completely)

>
> Thanks in advance.
>
> Madhuri

--
--
Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx>
Network Support Specialist
http://www.knowledgefactory.co.za
"lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import"
Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28
--
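Added example, not part of the original thread: one way to apply the "DNAT with connection tracking" suggestion so that replies leave by the WAN link the request arrived on, by marking each connection in mangle PREROUTING (before the routing decision) instead of matching on the post-NAT source address. The interface names, gateway addresses, real-server address 192.168.6.10, TCP port 80, mark and table numbers are assumptions, as is the use of iptables DNAT rather than IPVS for the redirection; only 203.199.51.159 and 192.168.6.0/24 come from the message.

```shell
#!/bin/sh
# Dry-run by default: commands are printed. Set APPLY=1 (as root) to execute.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# wan_link DEV GATEWAY MARK: one routing table and one connection mark per link
wan_link() {
    dev=$1 gw=$2 mark=$3
    table=$((100 + mark))
    # Per-link table holding only that link's default route
    run ip route add default via "$gw" dev "$dev" table "$table"
    # Packets carrying this mark are routed by that table
    run ip rule add fwmark "$mark" table "$table"
    # Tag each new connection with the link it arrived on
    run iptables -t mangle -A PREROUTING -i "$dev" -m conntrack --ctstate NEW \
        -j CONNMARK --set-mark "$mark"
}

build_rules() {
    # Copy the connection mark onto replies from the real servers. This runs
    # before the routing decision, while the source is still 192.168.6.x.
    # Limiting it to that subnet keeps inbound packets on the main table.
    run iptables -t mangle -A PREROUTING -s 192.168.6.0/24 \
        -j CONNMARK --restore-mark
    wan_link eth1 203.199.51.1 1      # WAN link X (device/gateway assumed)
    wan_link eth2 203.197.74.129 2    # WAN link Y (device/gateway assumed)
    # DNAT the virtual IP to a real server; conntrack rewrites the reply's
    # source back to the virtual IP without a separate rule.
    run iptables -t nat -A PREROUTING -d 203.199.51.159 -p tcp --dport 80 \
        -j DNAT --to-destination 192.168.6.10:80
}

build_rules
```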