This issue was due to rp_filter being turned on. Looks good now after turning off rp_filter.
Thanks.

On Thu, Aug 20, 2015 at 8:28 PM, Anand Raj Manickam <anandrm@xxxxxxxxx> wrote:
> Hi,
> I have a multi-NIC router setup.
>
> 172.0.0.1/24  |---------(eth1)(Internet)
> eth0(LAN)----|
>               |---------(eth2)(Internet)
>
> When both the links are up and connected, the NATTING / ROUTING fails
> to route the packet back to the LAN on one of the links; in most cases
> it is eth1.
> E.g.
> 172.1.1.1->100.1.1.1 is routed to eth1, which (I'm MASQUERADING) SNATs
> to x.x.x.x->100.1.1.1
> There is a reply from 100.1.1.1->x.x.x.x. I see the packet in the
> PREROUTING mangle table and also in tcpdump. But after that the
> packet is lost.
> I did try to log the packet in the FORWARD mangle table; it did not reach there.
>
> conntrack -E also shows the SYN_RECV state for the packet.
>
> But when only one link is in the connected state, it works fine. Also,
> when both the links are up it routes fine on eth2. The connectivity
> of the links is fine, as I'm using this in a private setup.
>
> I'm using fwmark ip route tables to route the packets on the particular
> interface.
> I'm using Linux kernel version 3.12.14.
>
> Can someone shed some light on this?
>
> Thanks,
> Anand
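
The fix reported in this thread, as an added example that is not part of the original messages: a shell check that prints the effective `rp_filter` mode per interface, using the kernel's rule that the larger of `conf/all` and `conf/<iface>` applies, together with `src_valid_mark`, the sysctl that makes the reverse-path lookup include the packet's fwmark. The function names and the optional root-directory argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: effective reverse-path filtering per interface.
# The optional argument (a conf root directory) is an assumption of this
# example so the check can also be run against a constructed tree.

# Print a sysctl file's value; a missing file counts as 0.
read_val() { [ -r "$1" ] && cat "$1" || echo 0; }

# effective <root> <iface> <key>: the kernel applies max(all, iface).
effective() {
    all=$(read_val "$1/all/$3")
    own=$(read_val "$1/$2/$3")
    [ "$all" -gt "$own" ] && echo "$all" || echo "$own"
}

# rp_report [root]: one line per interface with mode and a verdict.
rp_report() {
    root=${1:-/proc/sys/net/ipv4/conf}
    for dir in "$root"/*/; do
        iface=$(basename "$dir")
        case $iface in all|default) continue ;; esac
        rp=$(effective "$root" "$iface" rp_filter)
        svm=$(effective "$root" "$iface" src_valid_mark)
        case $rp in
            0) verdict="off: no source validation" ;;
            1) if [ "$svm" -eq 1 ]; then
                   verdict="strict, fwmark used in reverse lookup"
               else
                   verdict="strict, fwmark ignored: replies routed by mark may be dropped"
               fi ;;
            2) verdict="loose: source must be reachable via any interface" ;;
            *) verdict="unknown" ;;
        esac
        echo "$iface rp_filter=$rp src_valid_mark=$svm $verdict"
    done
}

rp_report "$@"
```

Writing 0 to `conf/eth1/rp_filter` alone has no effect while `conf/all/rp_filter` is still 1, which this report makes visible.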