>Hello,
>I don't have IP on this ranges in my linux box. There is another router
>under my linux box in my topology. But this customers arrives in my
>eth2 interface. I make SNAT for this networks in my linux box.
>...

What you need is simple source address based policy routing as described here:
http://lartc.org/howto/lartc.rpdb.html

Example on lartc howto is pretty straightforward. Many impolite people would even say "RTFM".

Regards,
Marek Kierdelewicz
KoBa ISP

Hi Pablo,

You have to configure your Linux box similar to:

ip rule add from 10.20.0.0/24 to 0.0.0.0/0 table 100
ip route add default via 192.168.0.254 table 100

ip rule add from 10.30.0.0/24 to 0.0.0.0/0 table 200
ip route add default via 192.168.1.254 table 200

On 5/28/07, Marek Kierdelewicz <marek@piasta.pl> wrote:
> >Hello,
> >
> >I don't have IP on this ranges in my linux box. There is another router
> >under my linux box in my topology. But this customers arrives in my
> >eth2 interface. I make SNAT for this networks in my linux box.
> >...
>
> What you need is simple source address based policy routing as
> described here:
> http://lartc.org/howto/lartc.rpdb.html
>
> Example on lartc howto is pretty straightforward. Many impolite
> people would even say "RTFM".
>
> Regards,
> Marek Kierdelewicz
> KoBa ISP

--
"The network is the computer"

Pablo Fernandes Yahoo
2007-May-29 16:47 UTC
Re: 2 gateways - routing based in source address
Hi,

I have not tried it yet. I think that you have to make a rule similar as

ip rule add from 0.0.0.0/0 table 100
ip route add default via 192.168.1.254 table 100 proto static

ip rule add from 0.0.0.0/0 table 200
ip route add default via 192.168.0.254 table 200 proto static

#Mark incoming packets for later routing
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
# MARK does not end rule traversal, so the default mark is set first
# and the port 80/443 rules below override it
iptables -A PREROUTING -t mangle -i eth2 -s 0.0.0.0/0 -j MARK --set-mark 2
iptables -A PREROUTING -t mangle -i eth2 -s 0.0.0.0/0 -p tcp --dport 80 -j MARK --set-mark 1
iptables -A PREROUTING -t mangle -i eth2 -s 0.0.0.0/0 -p tcp --dport 443 -j MARK --set-mark 1

ip rule add from all fwmark 1 table 100
ip rule add from all fwmark 2 table 200

For NAT

iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to $IP_ETH0
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to $IP_ETH1

On 5/29/07, Pablo Fernandes Yahoo <fernandes_pablo@yahoo.com.br> wrote:
> Hi,
>
> First of all, thank you for your help.
>
> And how can I put all the traffic coming from anywhere with destination
> port 80 or 443 to go out by the gateway 192.168.1.254, while all the rest
> going out by 192.168.0.254?
>
> I'm trying here different ways with ToS but it isn't working. Thank you for
> any tip.
>
> Regards
>
> >Hi Pablo,
> >
> >You have to configure your Linux box similar to:
> >
> >ip rule add from 10.20.0.0/24 to 0.0.0.0/0 table 100
> >ip route add default via 192.168.0.254 table 100
> >
> >ip rule add from 10.30.0.0/24 to 0.0.0.0/0 table 200
> >ip route add default via 192.168.1.254 table 200

--
"The network is the computer"
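
Added example (not part of the original thread): a small Python model of the fwmark-based routing discussed above, showing why the order of the mangle rules matters. The iptables MARK target does not stop rule traversal, so the last matching MARK rule decides the mark. The rule priorities and sample packets are constructed for illustration; the marks, tables and gateways are the ones used in the thread.

```python
# Simplified model: mangle PREROUTING marking followed by "ip rule" lookup.
# Tables, marks and gateways come from the thread; priorities are constructed.

GATEWAYS = {100: "192.168.1.254", 200: "192.168.0.254"}  # default route per table

# (priority, fwmark, table): fwmark 1 -> table 100, fwmark 2 -> table 200
IP_RULES = [(32763, 1, 100), (32762, 2, 200)]


def mark_packet(mangle_rules, pkt):
    """Walk the rules in order. MARK is non-terminating, so the last match wins."""
    mark = 0
    for match, set_mark in mangle_rules:
        if all(pkt.get(field) == value for field, value in match.items()):
            mark = set_mark
    return mark


def select_gateway(ip_rules, mark):
    """Evaluate rules by ascending priority; the first fwmark match picks the table."""
    for _prio, fwmark, table in sorted(ip_rules, key=lambda r: r[0]):
        if fwmark == mark:
            return GATEWAYS[table]
    return None  # no policy rule matched; the main table would decide


def route(mangle_rules, pkt):
    return select_gateway(IP_RULES, mark_packet(mangle_rules, pkt))


WEB_RULES = [
    ({"iif": "eth2", "proto": "tcp", "dport": 80}, 1),
    ({"iif": "eth2", "proto": "tcp", "dport": 443}, 1),
]
CATCH_ALL = ({"iif": "eth2"}, 2)

CATCH_ALL_LAST = WEB_RULES + [CATCH_ALL]   # catch-all overwrites mark 1 with 2
CATCH_ALL_FIRST = [CATCH_ALL] + WEB_RULES  # port rules override the default mark

# Constructed sample packets
HTTPS = {"iif": "eth2", "proto": "tcp", "dport": 443}
SSH = {"iif": "eth2", "proto": "tcp", "dport": 22}

if __name__ == "__main__":
    for name, rules in (("catch-all last", CATCH_ALL_LAST),
                        ("catch-all first", CATCH_ALL_FIRST)):
        print(name, "| https via", route(rules, HTTPS), "| ssh via", route(rules, SSH))
```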