hi all,
i am trying to do some advanced routing for our clients on a multi-route
platform.. at present i am trying it on a test bed.. i followed the example
& applied Julian's patch to kernel 2.4.19 & have gone through the
docs at
the site... i have defined basically 3 groups for clients--> cache,
cisco, balance.. the name specifies the importance.. these are the details
of what i did-->
[root@Lr1 root]# ip rule ls
0: from all lookup local
10: from EXTnA.124/25 lookup ONE
20: from EXTnB.106/26 lookup TWO
100: from 192.168.1.10 lookup CACHE
101: from 192.168.1.20 lookup CISCO
150: from 192.168.1.30 lookup BALANCE
200: from all lookup ME
32766: from all lookup main
32767: from all lookup 253
[root@Lr1 root]# ip route ls ta ONE
default via EXTnA.1 dev eth1 src EXTnA.124
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta TWO
default via EXTnB.70 dev eth0 src EXTnB.106
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta CACHE
default via EXTnA.1 dev eth1
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta CISCO
default via EXTnB.70 dev eth0
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta BALANCE
default
nexthop via EXTnB.70 dev eth0 weight 1
nexthop via EXTnA.1 dev eth1 weight 1
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta ME
default
nexthop via EXTnA.1 dev eth1 weight 1
nexthop via EXTnB.70 dev eth0 weight 1
prohibit default proto static metric 1
[root@Lr1 root]# ip addr ls
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:50:bf:4b:f7:84 brd ff:ff:ff:ff:ff:ff
inet EXTnB.106/26 brd EXTnB.127 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:80:c8:b9:69:99 brd ff:ff:ff:ff:ff:ff
inet EXTnA.124/25 brd EXTnA.127 scope global eth1
4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:80:c8:b9:69:9a brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/16 brd 192.168.255.255 scope global eth2
[root@Lr1 root]# ip route ls
203.163.146.64/26 dev eth0 scope link
203.163.149.0/25 dev eth1 scope link
192.168.0.0/16 dev eth2 proto kernel scope link src 192.168.0.1
127.0.0.0/8 dev lo scope link
here ONE & TWO are the two external links.. ME is used for the local server
DNS daemon.. the other three, viz. CACHE, CISCO and BALANCE, are the routes the
clients' IPs must follow.. i have enabled ip_forward .. & the iptables
rules
are also specified correctly .. i.e. according to the IP..
BUT i am **NOT** able to surf at all from the internal network... not even
able to ping eth2 !!!.. the default INPUT & OUTPUT policies are set to ACCEPT while
FORWARD is DROP..
what's missing there ?.. after trying all day i want guidance now...
awaiting a reply very anxiously....
A.H
hi all,
i am trying to do some advanced routing for our clients on a multi-route
platform.. at present i am trying it on a test bed.. i followed the example
& applied Julian's patch to kernel 2.4.19 & have gone through the
docs at
the site... i have defined basically 3 groups for clients--> cache,
cisco, balance.. the name specifies the importance.. these are the details
of what i did-->
[root@Lr1 root]# ip rule ls
0: from all lookup local
10: from EXTnA.124/25 lookup ONE
20: from EXTnB.106/26 lookup TWO
100: from 192.168.1.10 lookup CACHE
101: from 192.168.1.20 lookup CISCO
150: from 192.168.1.30 lookup BALANCE
200: from all lookup ME
32766: from all lookup main
32767: from all lookup 253
[root@Lr1 root]# ip route ls ta ONE
default via EXTnA.1 dev eth1 src EXTnA.124
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta TWO
default via EXTnB.70 dev eth0 src EXTnB.106
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta CACHE
default via EXTnA.1 dev eth1
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta CISCO
default via EXTnB.70 dev eth0
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta BALANCE
default
nexthop via EXTnB.70 dev eth0 weight 1
nexthop via EXTnA.1 dev eth1 weight 1
prohibit default proto static metric 1
[root@Lr1 root]# ip route ls ta ME
default
nexthop via EXTnA.1 dev eth1 weight 1
nexthop via EXTnB.70 dev eth0 weight 1
prohibit default proto static metric 1
[root@Lr1 root]# ip addr ls
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:50:bf:4b:f7:84 brd ff:ff:ff:ff:ff:ff
inet EXTnB.106/26 brd EXTnB.127 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:80:c8:b9:69:99 brd ff:ff:ff:ff:ff:ff
inet EXTnA.124/25 brd EXTnA.127 scope global eth1
4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:80:c8:b9:69:9a brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/16 brd 192.168.255.255 scope global eth2
[root@Lr1 root]# ip route ls
203.163.146.64/26 dev eth0 scope link
203.163.149.0/25 dev eth1 scope link
192.168.0.0/16 dev eth2 proto kernel scope link src 192.168.0.1
127.0.0.0/8 dev lo scope link
here ONE & TWO are the two external links.. ME is used for the local server
DNS daemon.. the other three, viz. CACHE, CISCO and BALANCE, are the routes the
clients' IPs must follow.. i have enabled ip_forward .. & the iptables
rules
are also specified correctly .. i.e. according to the IP..
BUT i am **NOT** able to surf at all from the internal network... not even
able to ping eth2 !!!.. the default INPUT & OUTPUT policies are set to ACCEPT while
FORWARD is DROP..
what's missing there ?.. after trying all day i want guidance now...
awaiting a reply very anxiously....
A.H