I'm having some very strange routing behavior. At least to me. More than
likely it is because I don't understand something. But hopefully one of you
out there can enlighten me a bit.
I'm working with the following topology:
       -----+--------LAN--------+------
            |                   |
ISP2<---[FW/Router1]        [FW/Router2]--->ISP1
            |204...             | 63...
            |                   |
        ----+---+----DMZ--------+------
                |
             [Server]
All machines are running 2.4.x kernels configured with all the advanced
routing stuff. There are two blocks of static IPs valid in the DMZ. Each
router handles one of them as noted above. Server has addresses from both
blocks configured on eth0.
In order to get things to route correctly I have the following rules 
configured on "Server" above:
0:      from all lookup local
100:    from 204.xx.xx.xx/24 iif lo lookup to-FWR1
110:    from 63.xx.xx.xx/29 iif lo lookup to-FWR2
32766:  from all lookup main
32767:  from all lookup 253
tables to-FWR1 and to-FWR2 containing the following respectively:
default via <FWR1 DMZ NIC address(204...)> dev eth0
and
default via <FWR2 DMZ NIC address(63...)> dev eth0
I started out with no default route in table main thinking that rules 100 and
110 above would handle everything. However, this does not seem to be the
case. If I don't put something in for a default route in main, things don't
work right with connections originated from "Server" involving UDP traffic,
and I'm hard put to know what gives.
When I put in as a default route the NIC address of FWR1 or FWR2, my problems
go away. I've been trying to determine what is happening by using tcpdump,
however, this seems complex enough that I'm not sure how to interpret what
I'm seeing. Does anyone know what's going on here?
-Andrew 
-- 
Computer Systems Admin.
Bibleinfo.com
PO Box 19039
Spokane, WA  99219
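A way to see why the main-table default matters is to walk the rule database by hand. In Linux, when a locally originated packet comes from a socket that has not bound or connected to a source address (the usual case for a UDP sendto), the route lookup is done with source 0.0.0.0 and the source address is chosen from the route that wins. Rules 100 and 110 select on "from 204.../24" and "from 63.../29", so they cannot match that first lookup, and the decision falls through to table main; with no default there, the lookup fails. The simulation below (an added example, not code from the original message) evaluates the post's rule database for the three cases: unbound socket with and without a main default, and a socket explicitly bound to one block. The /24 and /29 prefixes, gateway addresses and Server addresses are constructed stand-ins for the masked 204.x and 63.x values, and the source-selection helper is a simplification of the kernel's behaviour.

```python
"""Simulation of Linux policy-routing rule evaluation for the Server in the
post. Added example, not from the original message; all addresses are
constructed stand-ins (TEST-NET ranges) for the masked 204.x and 63.x blocks."""
import ipaddress
from typing import Optional

IPAddr = ipaddress.IPv4Address

BLOCK_FWR1 = ipaddress.ip_network("203.0.113.0/24")    # stands in for 204.xx.xx.xx/24
BLOCK_FWR2 = ipaddress.ip_network("198.51.100.0/29")   # stands in for 63.xx.xx.xx/29
GW_FWR1 = ipaddress.ip_address("203.0.113.1")          # FWR1 DMZ NIC address (assumed)
GW_FWR2 = ipaddress.ip_address("198.51.100.1")         # FWR2 DMZ NIC address (assumed)
SERVER_ADDRS = [ipaddress.ip_address("203.0.113.10"),  # Server's eth0 addresses (assumed)
                ipaddress.ip_address("198.51.100.2")]

# Rule database from the post: (priority, "from" selector, "iif" selector, table).
RULES = [
    (0,     None,       None, "local"),
    (100,   BLOCK_FWR1, "lo", "to-FWR1"),
    (110,   BLOCK_FWR2, "lo", "to-FWR2"),
    (32766, None,       None, "main"),
    (32767, None,       None, "default"),   # table 253
]

ANY = ipaddress.ip_network("0.0.0.0/0")


def build_tables(main_default: Optional[IPAddr]) -> dict:
    """Routing tables as lists of (prefix, gateway-or-None); None means on-link."""
    connected = [(BLOCK_FWR1, None), (BLOCK_FWR2, None)]   # eth0's connected routes
    main = connected + ([(ANY, main_default)] if main_default is not None else [])
    return {
        "local":   [(ipaddress.ip_network(f"{a}/32"), None) for a in SERVER_ADDRS],
        "to-FWR1": [(ANY, GW_FWR1)],
        "to-FWR2": [(ANY, GW_FWR2)],
        "main":    main,
        "default": [],
    }


def longest_match(table, dst: IPAddr):
    """Most specific entry containing dst, or None when the table has no route."""
    best = None
    for prefix, gw in table:
        if dst in prefix and (best is None or prefix.prefixlen > best[0].prefixlen):
            best = (prefix, gw)
    return best


def lookup(dst: str, src: str = "0.0.0.0", iif: str = "lo",
           main_default: Optional[str] = None):
    """Evaluate the rules in priority order, as the kernel does, and return
    (rule priority, table, gateway) from the first table that has a route.
    Returns None when every candidate table misses (ENETUNREACH)."""
    dst_a, src_a = ipaddress.ip_address(dst), ipaddress.ip_address(src)
    gw = ipaddress.ip_address(main_default) if main_default else None
    tables = build_tables(gw)
    for prio, from_pfx, rule_iif, table in RULES:
        if from_pfx is not None and src_a not in from_pfx:   # "from" selector
            continue
        if rule_iif is not None and rule_iif != iif:         # "iif" selector
            continue
        hit = longest_match(tables[table], dst_a)
        if hit is not None:
            return prio, table, hit[1]
    return None


def pick_source(gateway: IPAddr) -> IPAddr:
    """Simplified source selection for an unbound socket: prefer the local
    address that shares a subnet with the chosen gateway (approximation)."""
    for addr, block in ((SERVER_ADDRS[0], BLOCK_FWR1), (SERVER_ADDRS[1], BLOCK_FWR2)):
        if gateway in block:
            return addr
    return SERVER_ADDRS[0]


if __name__ == "__main__":
    # Unbound UDP socket, no main default: rules 100/110 cannot match src 0.0.0.0.
    print(lookup("192.0.2.7"))                              # None: network unreachable
    # Same socket once main has a default via FWR1's DMZ address.
    print(lookup("192.0.2.7", main_default="203.0.113.1"))  # (32766, 'main', GW_FWR1)
    # Socket bound to a 63.x-block address: rule 110 wins before main is consulted.
    print(lookup("192.0.2.7", src="198.51.100.2"))          # (110, 'to-FWR2', GW_FWR2)
```

The last case shows why the workaround does not break the split: a socket that binds to an address in either block still hits rule 100 or 110 before table main is consulted, so only the unbound case depends on which router's address is chosen as the main default.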