Hi all,

I need to route locally generated packages depending on which tcp or udp service I need to use. To accomplish this I have configured two routing tables:

[root@lothlorien ~]# ip ru ls
0: from all lookup 255
32762: from all fwmark 0x2 lookup FirstLan
32763: from all fwmark 0x1 lookup SecondLan
32764: from 172.25.80.10 lookup SecondLan
32765: from 172.25.70.18 lookup FirstLan
32766: from all lookup main
32767: from all lookup default

My routing tables:

[root@lothlorien net]# ip ro show table FirstLan
172.25.70.16/28 dev eth1 proto kernel scope link src 172.25.70.18
default via 172.25.70.30 dev eth1

[root@lothlorien net]# ip ro show table SecondLan
172.25.80.0/24 dev eth1 proto kernel scope link src 172.25.80.10
default via 172.25.80.1 dev eth2

And my iptables rule is:

iptables -t mangle -A OUTPUT -p udp --dport 53 -j MARK --set-mark 1

But this doesn't work. This host is CentOS 5.5 based with two interfaces.

What am I doing wrong??

Thanks.
On Wed, Oct 13, 2010 at 11:22 AM, C. L. Martinez <carlopmart at gmail.com> wrote:
> Hi all,
>
> I need to route locally generated packages depending on which tcp or udp
> service I need to use. To accomplish this I have configured two routing
> tables:
>
> [root@lothlorien ~]# ip ru ls
> 0: from all lookup 255
> 32762: from all fwmark 0x2 lookup FirstLan
> 32763: from all fwmark 0x1 lookup SecondLan
> 32764: from 172.25.80.10 lookup SecondLan
> 32765: from 172.25.70.18 lookup FirstLan
> 32766: from all lookup main
> 32767: from all lookup default
>
> My routing tables:
>
> [root@lothlorien net]# ip ro show table FirstLan
> 172.25.70.16/28 dev eth1 proto kernel scope link src 172.25.70.18
> default via 172.25.70.30 dev eth1
>
> [root@lothlorien net]# ip ro show table SecondLan
> 172.25.80.0/24 dev eth1 proto kernel scope link src 172.25.80.10
> default via 172.25.80.1 dev eth2
>
> And my iptables rule is:
>
> iptables -t mangle -A OUTPUT -p udp --dport 53 -j MARK --set-mark 1
>
> But this doesn't work. This host is CentOS 5.5 based with two interfaces.
>
> What am I doing wrong??
>
> Thanks.
>

Please, any hints?
From: C. L. Martinez <carlopmart at gmail.com>
>> But this doesn't work. This host is CentOS 5.5 based with two interfaces.
> Please, any hints?

What do you mean by this doesn't work?
Nothing works? Half of it?

Just in case, but no idea if it is necessary, did you set forwarding?

net.ipv4.ip_forward = 1

But again, I am not sure it is necessary...

JD
>> I need to route locally generated packages depending on which tcp or udp
>> service I need to use. To accomplish this I have configured two routing
>> tables:

I would use the OUTPUT chain of the nat table.
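
A way to cross-check the rules and tables pasted in the original question, as an added example that is not part of any message in this thread: it resolves which table a firewall mark selects and checks whether each gateway in that table sits on the same device as the connected prefix that contains it. The sample input is constructed from the pasted output, the function names are hypothetical, and this is only one consistency check, not a full diagnosis.

```python
import ipaddress

# Constructed from the output pasted in the original question (shell prompts removed).
RULES = """\
32762: from all fwmark 0x2 lookup FirstLan
32763: from all fwmark 0x1 lookup SecondLan
"""
TABLES = {
    "FirstLan": "172.25.70.16/28 dev eth1 proto kernel scope link src 172.25.70.18\n"
                "default via 172.25.70.30 dev eth1\n",
    "SecondLan": "172.25.80.0/24 dev eth1 proto kernel scope link src 172.25.80.10\n"
                 "default via 172.25.80.1 dev eth2\n",
}

def table_for_mark(rules, mark):
    """Return the table an `ip rule` fwmark entry selects for this mark, or None."""
    for line in rules.splitlines():
        tokens = line.split()
        if "fwmark" in tokens and int(tokens[tokens.index("fwmark") + 1], 16) == mark:
            return tokens[tokens.index("lookup") + 1]
    return None

def parse_routes(text):
    """Turn `ip route show` lines into dicts: dst plus the key/value pairs after it."""
    routes = []
    for line in text.splitlines():
        tokens = line.split()
        if tokens:
            routes.append({"dst": tokens[0], **dict(zip(tokens[1::2], tokens[2::2]))})
    return routes

def gateway_mismatches(routes):
    """List gateways that fall inside a connected prefix bound to another device."""
    connected = [(ipaddress.ip_network(r["dst"]), r["dev"])
                 for r in routes if "via" not in r and r["dst"] != "default"]
    problems = []
    for r in routes:
        if "via" in r:
            gw = ipaddress.ip_address(r["via"])
            problems += [(r["via"], r["dev"], str(net), dev)
                         for net, dev in connected if gw in net and dev != r["dev"]]
    return problems

if __name__ == "__main__":
    table = table_for_mark(RULES, 1)  # mark set by the iptables rule in the question
    print("mark 1 selects table", table)
    for gw, gw_dev, net, dev in gateway_mismatches(parse_routes(TABLES[table])):
        print(f"{table}: gateway {gw} is on {gw_dev}, but {net} is on {dev}")
```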