On Sat, 18 Feb 2012 19:59:00 -0600, Brian Austin - Standard Universal <brian@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> You need to restore connmarks coming in from the WAN so the system can send them back out that way.

Hello Brian,

Thanks for the reply. The router I described does not use connmark. It uses a command like this to set up round-robin balancing:

    ip route add default scope global \
        nexthop via 192.168.1.1 dev eth1 weight 1 \
        nexthop via 192.168.2.1 dev eth2 weight 1 \
        nexthop via 200.91.104.144 dev ppp0 weight 1

This is described here: http://lartc.org/howto/lartc.rpdb.multiple-links.html

The article teaches that this balancing depends on the following rule (one for each interface) to route traffic out the same interface as it was received on:

    ip rule add from ${!wan} table $table priority $((${#ifaces[@]}*100))

(Of course, the priority value can be ignored.)

Since this system results in breaking connections, I am forced for the time being to use connmarks for balancing, and restoration of marks, as you mentioned.

--
Lloyd
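
Added example, not part of the original message and not the poster's configuration: a dry-run script that prints the connmark commands for the return-path routing discussed above, covering only connections that arrive from a WAN link. The interfaces and gateways are the ones quoted in the message; the mark values (1..3) and routing table numbers (101..103) are assumptions.

```shell
#!/bin/sh
# Prints (does not execute) the commands that make replies leave through
# the uplink on which the connection arrived. Review the output before
# running any of it as root.

# Constructed input: "device gateway" for each uplink named in the message.
WANS="eth1 192.168.1.1
eth2 192.168.2.1
ppp0 200.91.104.144"

emit_rules() {
    # 1. Copy the saved connection mark onto each packet before the routing
    #    decision: PREROUTING covers forwarded traffic, OUTPUT covers
    #    packets generated by the router itself.
    echo "iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark"
    echo "iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark"
    n=0
    echo "$WANS" | while read -r dev gw; do
        n=$((n + 1))          # assumed mark value for this uplink
        table=$((100 + n))    # assumed routing table number
        # 2. Tag each new connection with the uplink it came in on.
        echo "iptables -t mangle -A PREROUTING -i $dev -m conntrack --ctstate NEW -j CONNMARK --set-mark $n"
        # 3. Marked packets use a table whose only default route is that uplink.
        echo "ip rule add fwmark $n table $table"
        echo "ip route add default via $gw dev $dev table $table"
    done
}

emit_rules
```

Unlike the "ip rule add from" approach, the routing decision here follows conntrack state rather than the packet's source address.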