Hi, I have a firewall running IPTABLES. I have tried to route sip traffic from my WAN(eth3) interface to a VLAN(eth2.2) interface, however the data will not route to the VLAN it keeps routing to the default interface(eth2). Does anyone have an idea as to what I need to look for? Regards Jennifer Botten ETECH Tel: +2787 150 5285 Fax: 086 638 2412 Mobile: +27 82 496 4009 E-Mail: <mailto:jennifer at etech.co.za> jennifer at etech.co.za Website: <http://www.etech.co.za/> www.etech.co.za cid:image001.gif at 01CBE895.00AF7120 The views expressed in this email are, unless otherwise stated, those of the author and not those of the Etech or its management. The information in this email is confidential and is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted in reliance on this, is prohibited and may be unlawful. Whilst all reasonable steps are taken to ensure the accuracy and integrity of information and data transmitted electronically and to preserve the confidentiality thereof, no liability or responsibility whatsoever is accepted if information or data is, for whatever reason, corrupted or does not reach its intended destination. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110722/09d06eb5/attachment-0001.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 8381 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20110722/09d06eb5/attachment-0001.gif>
Hi Jennifer, Could you copy the iptables rules? Julio On 7/22/2011 8:49 AM, Jennifer Botten wrote:> > Hi, > > I have a firewall running IPTABLES. I have tried to route sip traffic > from my WAN(eth3) interface to a VLAN(eth2.2) interface, however the > data will not route to the VLAN it keeps routing to the default > interface(eth2). Does anyone have an idea as to what I need to look for? > > Regards > > *Jennifer Botten*** > > *ETECH* > > Tel: +2787 150 5285 > > Fax: 086 638 2412 > > Mobile: +27 82 496 4009 > > E-Mail: jennifer at etech.co.za <mailto:jennifer at etech.co.za> > > Website: www.etech.co.za <http://www.etech.co.za/> > > *cid:image001.gif at 01CBE895.00AF7120* > > The views expressed in this email are, unless otherwise stated, those > of the author and not those of the Etech or its management. The > information in this email is confidential and is intended solely for > the addressee. Access to this email by anyone else is unauthorized. If > you are not the intended recipient, any disclosure, copying, > distribution or any action taken or omitted in reliance on this, is > prohibited and may be unlawful. Whilst all reasonable steps are taken > to ensure the accuracy and integrity of information and data > transmitted electronically and to preserve the confidentiality > thereof, no liability or responsibility whatsoever is accepted if > information or data is, for whatever reason, corrupted or does not > reach its intended destination. > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110722/5dba63a9/attachment-0001.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/gif Size: 8381 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20110722/5dba63a9/attachment-0001.gif>
On 7/22/2011 8:49 AM, Jennifer Botten wrote:> Hi, > > I have a firewall running IPTABLES. I have tried to route sip traffic > from my WAN(eth3) interface to a VLAN(eth2.2) interface, however the > data will not route to the VLAN it keeps routing to the default > interface(eth2). Does anyone have an idea as to what I need to look for?Vlan interfaces should work like any other interface in terms of routing. Things should follow the most specific route (smallest netmask). -- Les Mikesell lesmikesell at gmail.com
On 07/22/11 6:49 AM, Jennifer Botten wrote:> > Hi, > > I have a firewall running IPTABLES. I have tried to route sip traffic > from my WAN(eth3) interface to a VLAN(eth2.2) interface, however the > data will not route to the VLAN it keeps routing to the default > interface(eth2). Does anyone have an idea as to what I need to look for? >To route stuff out different interfaces, I found I had to use ip rules. In my case, I wanted specific local hosts (on the private LAN) to route out an alternate interface, so I did something like... iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -j SNAT --to $net2.98 ip rule add from $net2.96/28 table 2 ip rule add from 10.0.1.0/24 table 2 ip route add default via $net2.97 dev $port2 table 2 to explain this, the LAN is 10.0.0.0/16. hosts on 10.0.0.0-255 are to be routed out the default interface, while a few hosts specifically put on 10.0.1.98-110 are to be routed out this 2nd interface, $net2.96/28 the two ip rule commands tag any traffic that is from either the second external circuit or the reserved subnet of the local network to use 'table 2'. the ip route command says anything thats table 2 is to use the second circuit's gateway and port -- john r pierce N 37, W 122 santa cruz ca mid-left coast