similar to: split access & fwmark

in /etc/sysctlsysctl.conf net.ipv6.conf.all.accept_ra = 1 net.ipv6.conf.all.autoconf = 1 net.ipv6.conf.eth0.accept_ra = 1 net.ipv6.conf.eth0.autoconf = 1 when i run cat /etc/sysctl.conf | grep ipv6 #net.ipv6.conf.all.forwarding=1 #net.ipv6.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_source_route = 0 net.ipv6.conf.all.accept_ra = 1 net.ipv6.conf.all.autoconf = 1

Hi all, i have a xen 4.3 installation and would like to have a bridge bond szenario: *** eth0 eth1 | | bond0 | br0 | vif = [ ''bridge=br0,mac=xx:xx:xx:xx:xx:xx'' ] *** With the network script in debian wheezy *** /etc/network/interfaces auto bond0 iface bond0 inet manual slaves eth0 eth1

Hi, I have a fedora15 x86_64 host with one fedora15 guest running amavis+spamassassin+postfix and performance is horrible. The host is a quad-core E13240 with 16GB and 3 1TB Seagate ST31000524NS and all partitions are ext4. I've allocated 4 processors and 8GB of RAM to this guest. I really hoped someone could help me identify areas in which performance can be improved at both the guest and

Hi ! I''ve a router linux with 3 eths in order to share internet connection: 1:lo 2:eth0-> Internet Connection (DHCP) 3:eth1-> gateway wired hosts -> 192.168.101.254 4:eth2-> gateway wireless hosts -> 192.168.212.254 / 192.168.230.254 / 192.168.210.254 / ... eth2 haves diferents IP Aliasings because it connect to a switch which connect 4 access points (linksys), each

Hi; I sucesyfully ran AD on samba4 software. All required by me functions works properly but when I turn on firewall my enviroment is getting very slow - logon process is 3 times longer then on system with disabled firewall service. Below I pasted my firewall configuration - I based on samba tutorial and aexples and official microsoft web page with needed ports: Have you similar problems after

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=40 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From laforge@netfilter.org 2003-02-03 16:49 ------- We haven't seen this

Hi all, I''m trying to set up a computer with 2 routes to the internet, much as described at http://lartc.org/howto/lartc.rpdb.multiple-links.html .One of my interfaces (eth5, 192.168.2.2) is only used for traffic originating inside the network. The other (eth1, 192.168.1.2) is only used for a VPN, where all (udp) traffic originates from outside our network. I have created a second

Hi list, I''m new to this list, I just subscribed because I have some ackward about IPRoute2. First, while playing with NetFilter'' "MARK" target, I met a weird behaviour once I tried to use this marks in the RPDB : the packets where successfully marked, but it seemed that RPDB didn''t succed in matching them (for those who already know the answer, I only used

Hi List, i have a realy strange problem with no solution yet, i''m using iproute together with the iptables mangle option, in a dmz network is a cisco pix present with another inet link behind, therefore i''m using the mangle option to split traffic on a protocol base like: iptables -A PREROUTING -t mangle -i eth1 -s 192.168.1.5 -p tcp --dport 80 -j MARK --set-mark 3 and add the

Hello, LARTC mailing readers, I hope u can help with this mysterious issue i''m having with my linux box acting as a router. Scenario: Linux running 2.6.8.1 /w julians patches Latest iproute (iproute2-ss040702) 4 NICS ----------------- | x eth0 (63.43.x.x) network mask (255.255.240.0) | | x eth1 (63.43.x.x)

Hello, LARTC mailing readers, I hope u can help with this mysterious issue i''m having with my linux box acting as a router. Scenario: Linux running 2.6.8.1 /w julians patches /w support for multipath routing Latest iproute (iproute2-ss040702) 4 NICS ----------------- | x eth0 (63.43.x.x) network mask (255.255.240.0) | |

Witam wszystkich After few days with yours help I''ve succeeded with setup of load-balancing. Now I have problem with next step. I want to mark some packets and than put them to the one of the routing tables to force them going via only one interface with only one ip. Easy?? Ofcourse, but not for me :(. I''m NOT using NAT. Chain OUTPUT (policy ACCEPT 71 packets, 24227

Hi all, i''m puzzled by a ploblem and I don''t know how to debug it... I have a firewall with 2 gateways, adsl and isdn. Main gateway is via adsl, backup via isdn. I setup 2 table ''adsl'' and ''isdn''. You can find a description below. I made a script to test both tables. That mainly 1. adds an iptables -t mangle -A

Hello, We have 3 DSL connections connected to eth3 and another interface with a dedicated link in eth0 (main table) We want to balance selected traffic (using fwmark and iptables) through our 3 DSL connections in a secondary table named DSL (without using the dedicated link in eth0), but the next command is not accepted, and gives us the following error: # ip route add default

I''m attempting to setup Squid as shown on: http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat 7.2 on the server in the DMZ. I''m not seeing the requests come in to the server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the firewall, the local traffic I''m trying to

root ~ # ip route ls default 10.0.9.200 dev eth1 scope link 10.0.1.200 dev eth2 scope link 10.0.3.200 dev eth4 scope link 10.0.2.200 dev eth3 scope link default dev eth3 scope link root ~ # ip route ls table http default equalize nexthop dev eth1 weight 1 nexthop dev eth2 weight 1 root ~ # ip route ls table ssh default equalize nexthop dev eth1 weight 1

Hi, I am new in LARTC list. I had intermediate skills in networking. What I tried to do: Use 2 links with loadsharing + falt toletant (to add bandwitdh) ok ! I am use Debian Etch in router/fw With kernel debian default + routes-2.6.17-12.diff patch The Problem: The iproute2 just route thought the last gateway of nexthop rule. I was running tcpdump in 2 terminals, tcpdump -nni eth0 ...

Hi All, I was having trouble to enable all.accept_redirects due to our network structure, we have to enable it, but all libvirt installed machines contain this setting: net.ipv4.conf.all.accept_redirects = 0 I even use sysctl.conf to force to enable it, still no go, anyone know why? -- Thomas Lau Director of Infrastructure Tetrion Capital Limited Direct: +852-3976-8903 Mobile: +852-9323-9670

Hello, I have set up a multipath gateway. System is a linux 2.4.29 kernel, iproute 20010824, iptables 1.2.11. here is the setup: firewall:/# ip rule 0: from all lookup local 100: from all lookup main 152: from all fwmark 10 lookup wan1 153: from all fwmark 20 lookup wan2 201: from 213.223.96.121 lookup wan1 202: from 82.236.230.217 lookup wan2 1000: from

Firstly I don''t think this is a shorewall problem, but I suspect shorewall might be able to solve it for me. I''ve posted this so far at http://mandrakeusers.org/index.php?showtopic=18942 I''ve stumble upon a problem that has me stumped I have a multipath router using 2.6.8.1 with patches from here http://www.ssi.bg/~ja/#routes basic setup: ___ ISP1