thr3ads.net - LARTC - Problem with routing to multiple tables [Feb 2006]

If this information is useful, please help other people find it:
Share via:

Nata

2006-Feb-02 23:57 UTC

Problem with routing to multiple tables

Hello all,

I am having some difficults to make a routing rule
work. I want that every P2P packages go to one interface (eth2 - cheaper
link) nad the rest of the traffic go to another interface (eth0 - frame
relay very expensive).

I am using this script to make the mark and
balance:

-------
#!/bin/bash

IPT="/usr/local/sbin/iptables"
IP="/sbin/ip"

#----
# Declara redes
#----
#
FrameRelay
IFE1="eth0"
IPE1="200.163.208.3"
NWE1="200.163.208.0/26"
GWE1="200.163.208.1"
PRE1="3"
#
#
DSL
IFE2="eth2"
IPE2="10.1.1.10"
NWE2="10.1.1.0/24"
GWE2="10.1.1.1"
PRE2="1"

#---
# Tabelas de
roteamento
#---
L1="201"
L2="202"
MAIN="222"

#---
# Desabilita tabela main
#---
$IP rule add prio 50 table
main
$IP route del default table main

#---
# ROTAS
#---
# Link 1 = L1
$IP rule add prio 201 from
$NWE1 table $L1
$IP route add default via $GWE1 dev $IFE1 src $IPE1 proto
static table $L1
$IP route append prohibit default table $L1 metric 1
proto static
#
# Link 2 = L2
$IP rule add prio 202 from $NWE2 table
$L2
$IP route add default via $GWE2 dev $IFE2 src $IPE2 proto static
table $L2
$IP route append prohibit default table $L2 metric 1 proto
static
#
# MultiPath
$IP rule add prio 222 table $MAIN
$IP route
add default table $MAIN proto static nexthop via $GWE1 dev $IFE1 weight
$PRE1  nexthop via $GWE2 dev $IFE2 weight $PRE2

#---
# P2P + Unknow
#---
P2PPRIO="60"
P2PMARK="1"

$IPT -t mangle -F

$IPT -t mangle -A PREROUTING -p tcp -j CONNMARK --restore-mark
$IPT -t
mangle -A PREROUTING -p tcp -m mark ! --mark 0 -j ACCEPT

$IPT -t mangle -A PREROUTING -p tcp -m ipp2p --ipp2p -j MARK --set-mark
1
$IPT -t mangle -A PREROUTING -p udp -m ipp2p --ipp2p -j MARK --set-mark
1

for i in `cat /etc/l7-protocols/p2p`
do
$IPT -t mangle -A
PREROUTING -p tcp -m layer7 --l7proto $i -j MARK --set-mark 1
done

$IPT -t mangle -A PREROUTING -p tcp -m mark --mark 1 -j CONNMARK
--save-mark

$IP rule add prio $P2PPRIO fwmark $P2PMARK table $L2

$IP route flush cache
------

My question is: why the P2P
traffic still going through eth0?

Att,

Nataniel Klug

________________________________________________

Mensagem enviada usando Webmail CNett 2.0

Message sent using Webmail CNett 2.0

Cyber Nett Internet Banda Larga

http://www.cnett.com.br/


_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

Apparently Analagous Threads

Search for more seemingly similar threads

LARTC - Feb 2006 - Problem with routing to multiple tables

Problem with routing to multiple tables

Apparently Analagous Threads

Wisdom of the Ancients