Hello
Im having a problem similar to sawar
Here is my configuration
--------------eth1---192.168.1.128---------- -------------192.168.1.1 ISP
router 1
| my |
---Eth0---192.168.10.157----| |
| linux |
|
------------eth2---192.168.254.128-----
----------------192.168.254.254 ISP router 2
What I want to do is a balance charging and itsnt working
The Kernel version es 2.6.14
root@enrutizador:~# uname -a
Linux enrutizador 2.6.12-9-386 #1 Mon Oct 10 13:14:36 BST 2005 i686
GNU/Linux
Eth1 and Eth2 are well coneccted to Routers...
root@enrutizador:~# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=128 time=0.726 ms
root@enrutizador:~# ping 192.168.254.254
PING 192.168.254.254 (192.168.254.254) 56(84) bytes of data.
64 bytes from 192.168.254.254: icmp_seq=1 ttl=255 time=0.802 ms
And here is the script I use to do it work...
#!/bin/sh
P1_NET=192.168.1.0/24
IF1=eth1
IP1=192.168.1.128
P1=192.168.1.1
P2_NET=192.168.254.0/24
IF2=eth2
IP2=192.168.254.128
P2=192.168.254.254
ip addr add $IP1/24 brd + dev $IF1
ip addr add $IP2/24 brd + dev $IF2
ip link set $IF1 up
ip link set $IF2 up
ip route add $P1_NET dev $IF1 src $IP1 table T1
ip route add default via $P1 table T1
ip route add $P2_NET dev $IF2 src $IP2 table T2
ip route add default via $P2 table T2
ip route add $P1_NET dev $IF1 src $IP1
ip route add $P2_NET dev $IF2 src $IP2
ip route add equalize default nexthop via 192.168.254.254 dev eth2
nexthop via 192.168.1.1 dev eth1
ip rule add from $IP1 table T1
ip rule add from $IP2 table T2
I have read in books and faqs and this should enough to do balance
charging working, but isn''t.
The problem is the same than sawar, src ips are wrong...or at least
stranges :-/
The configuration from the boot is as follow
Clear system after boot
root@enrutizador:~# ip route ls
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.157
After execute the configuration script
root@enrutizador:~# ip route ls
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.128
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.157
192.168.254.0/24 dev eth2 proto kernel scope link src 192.168.254.128
default equalize
nexthop via 192.168.254.254 dev eth2 weight 1
nexthop via 192.168.1.1 dev eth1 weight 1
The problem like sawar...
root@enrutizador:~# for x in $(seq 1 10); do ip r g 130.206.1.$x; done
130.206.1.1 via 192.168.1.1 dev eth1 src 192.168.1.128
cache mtu 1500 advmss 1460 hoplimit 64
130.206.1.2 via 192.168.1.1 dev eth1 src 192.168.254.128
cache mtu 1500 advmss 1460 hoplimit 64
130.206.1.3 via 192.168.1.1 dev eth1 src 192.168.254.128
cache mtu 1500 advmss 1460 hoplimit 64
130.206.1.4 via 192.168.1.1 dev eth1 src 192.168.1.128
cache mtu 1500 advmss 1460 hoplimit 64
130.206.1.5 via 192.168.1.1 dev eth1 src 192.168.254.128
cache mtu 1500 advmss 1460 hoplimit 64
130.206.1.6 via 192.168.1.1 dev eth1 src 192.168.1.128
cache mtu 1500 advmss 1460 hoplimit 64
130.206.1.7 via 192.168.1.1 dev eth1 src 192.168.254.128
cache mtu 1500 advmss 1460 hoplimit 64
130.206.1.8 via 192.168.1.1 dev eth1 src 192.168.1.128
cache mtu 1500 advmss 1460 hoplimit 64
130.206.1.9 via 192.168.1.1 dev eth1 src 192.168.254.128
cache mtu 1500 advmss 1460 hoplimit 64
130.206.1.10 via 192.168.1.1 dev eth1 src 192.168.1.128
cache mtu 1500 advmss 1460 hoplimit 64
The only ips that repond to the Pings are the ones where via and src
are in the same net
I have tryed too the solution you gave to sawar and activate the nat
root@enrutizador:/proc/sys/net/ipv4# modprobe iptable_nat
root@enrutizador:/proc/sys/net/ipv4# iptables -t nat -A POSTROUTING -s
192.168.254.128 -o eth1 -j SNAT --to-source 192.168.1.128
root@enrutizador:/proc/sys/net/ipv4# iptables -t nat -A POSTROUTING -s
192.168.1.128 -o eth2 -j SNAT --to-source 192.168.254.128
But itsn''t working yet
root@enrutizador:~# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- 192.168.254.128 anywhere
to:192.168.1.128
SNAT all -- 192.168.1.128 anywhere
to:192.168.254.128
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
What Im doing bad please? or what is wrong?
A lot of thanks for at least try to undesrtand the mail :-)
Javier Suarez
Javier, On Tue, 2006-03-28 at 13:23 +0200, Javier Suarez wrote:> > ip route add $P1_NET dev $IF1 src $IP1 table T1 > ip route add default via $P1 table T1 > > ip route add $P2_NET dev $IF2 src $IP2 table T2 > ip route add default via $P2 table T2You are missing the prohibit lines above, and you should start with a rule line, not and add route line. http://www.ssi.bg/~ja/nano.txt ip rule add prio 201 from NWE1/NME1 table 201 ip route add default via GWE1 dev IFE1 src IPE1 proto static table 201 ip route append prohibit default table 201 metric 1 proto static ip rule add prio 202 from NWE2/NME2 table 202 ip route add default via GWE2 dev IFE2 src IPE2 proto static table 202 ip route append prohibit default table 202 metric 1 proto static> ip route add $P1_NET dev $IF1 src $IP1 > ip route add $P2_NET dev $IF2 src $IP2 > > ip route add equalize default nexthop via 192.168.254.254 dev eth2 > nexthop via 192.168.1.1 dev eth1 > > ip rule add from $IP1 table T1 > ip rule add from $IP2 table T2Pretty sure these will not be needed when you do the above correctly.> > I have read in books and faqs and this should enough to do balance > charging working, but isn''t.Nope, you got to follow that nano how to.> The problem is the same than sawar, src ips are wrong...or at least > stranges :-/Sure because your rules and routes are strange. -- Sincerely, William L. Thomson Jr. Obsidian-Studios, Inc. http://www.obsidian-studios.com