CentOS - Mar 2009 - port based routing

Good Evening,

I am trying to set up port based routing on a CentOS 5.2 box as described
here:

http://www.linuxhorizon.ro/iproute2.html (second example)

Therefor I have set up the following mangle and routing rules:

$IPTABLES -A OUTPUT -t mangle -p tcp --dport 1100 -j MARK --set-mark 1
$IPTABLES -A OUTPUT -t mangle -p tcp --dport 1101 -j MARK --set-mark 2
$IPTABLES -A OUTPUT -t mangle -p tcp --dport 1102 -j MARK --set-mark 3

$IP route add default dev ppp100 table SOESTCOM1
$IP route add default dev ppp101 table VERSATEL1
$IP route add default dev ppp102 table TONLINE1

$IP rule add from all fwmark 1 table SOESTCOM1
$IP rule add from all fwmark 2 table VERSATEL1
$IP rule add from all fwmark 3 table TONLINE1

iptables -t mangle -L -vn output:

http://pastebin.centos.org/24626

shows that the packages are marked correctly.

Here is an example ip route show table output:

default dev ppp102  scope link

But it seems (and tcpdump indicates) that packages are still routed via
default route, instead.

Do I need to set some proc flags to activate port based routing?

Best Regards
Marcus
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.centos.org/pipermail/centos/attachments/20090309/f3d9a552/attachment-0003.html>

Good Evening,

There seems to be a bug in iproute caused by nla policy introduction
to the kernel:

http://mailman.ds9a.nl/pipermail/lartc/2007q1/020493.html

So I was not able to set ip rules using e.g.:
		
ip rule add from all fwmark 3 table TONLINE1

which lead to an error:

RTNETLINK answers: Numerical result out of range

I did the trick with replacing 'all' with '0.0.0.0/0'

Best Regards
Marcus