similar to: Routing/NAT question

I recompiled yet 2.6.19.1 kernel (using iptables with the same patches too). The configuration for this test is: 1) linux box with 2.6.19.1 kernel (SMP machine) with these patches/modules: a) l7-filter b) ipp2p c) connlimit d) set 2) 4 ethernet interfaces: a) 2 external (eth1 and eth3) interfaces with balanced links (as described in nato-howto) bridged as wan0

Hi, I have a suspicious problem with multiple uplinks configuration. First of all my configuration: 1) kernel 2.6.20.3 2) iptables 1.3.7 3) last iproute (for masked marks) All wan interfaces are bridged (stp disabled) in only one interface (wan0), all lan interfaces are bridged (stp enabled) in only one interface (zlan0). The wan0 bridge is to allow UPnP works. To allow related

IMHO, i believe that it would be more realistic to have one router providing load balancing/dead gateway to one/several subnet(s). otherwise, each server/user would have to do their own load balancing for each subnet! that, or you would need 3 routers, one for each subnet and a linux router doing the load balancing in the middle. with 3 routers, the load balancing configurations

Hi all! After that good thread "DGD patch not detecting dead gateway" I was able to set up a Load Balancing with ping based DGD (without Julian Anastasov patch). But now I''m facing a new problem and tried some options, with only partial solutions. I made a script based on http://www.mail-archive.com/lartc@mailman.ds9a.nl/msg16257.html (Thank you Manish Kathuria),

Hi All, I''ve got server with one LAN card eth0 ip=10.0.0.5 default access t ointernety done through ADSL router gw 10.0.0.1 we got second internet access through another ADSL router gw 10.0.0.2 I want to send all e-mail out through gw 10.0.0.2 How it can be done? I''ve tried to mark packets: iptables -t mangle -A OUTPUT -p tcp --dport 25 -j MARK --set-mark 0x1 and ip ru add

I''m converting my network from a "one interface per segment" to a "single connection with vlans", well, some hardware I have requires using different vlan IDs. suffice it to say I need bridges to connect a few different vlans that should all be one but can''t be because of firmware constraints. so my first step is to get shorewall to know about bridges.

Sorry for the long descritpion of the problem, I''d like to know If I misunderstand something or if I meet an intrinsic limit of my setup. 217.58.51.162 HDSL eth1 - SRV_XP: 192.168.254.10 eth0: 192.168.254.1 -----+------------------+------- 81.121.243.250 ADSL eth3 - I want to allow incoming pptp request (port 1723) to be forwarded to srv_xp

Hi all! I''ve got 2 (soon 3) internet connection. 1 - via ADSL, 2(and3) via ppp My network: http://desima.objectis.net/network-diag linux1: user1.user2 eth0=192.168.1.1 ppp0=192.168.5.2( gw 192.168.5.1) gw=192.168.1.2 ( thru ADSL) compA=192.168.1.6 compB=192.168.1.15 gw2=192.168.1.217 via ppp to different ISP All works for compA and CompB, user1 should use default gw(192.168.1.2)

I am trying to build a firewall and from my reading of the list archives and other places, I''m worried about unintended interactions between iptables and iproute2. Here is my situation I have an internal network on eth0 and two separate dmzs on eth1 and eth2 respectively (a wireless network and a kiosk). On the outbound side, I have a cablemodem provider and a dsl provider. What I

I'm having trouble figuring out how to make a bridge that does not block forwarding of packets when there is no receive channel in the same bridge. The reason I want to do this is that the return path is via another circuit. The two directions are on two different radios. I would think this would be like the response given to someone in July 2007 about setting a "hub" mode by

Hi, could anyone provides any example about the use of ip route command to force the use of one route using masks in the mark? The configuration is: 1 LAN (zlan0) iface N WAN (wan0 ... wanN) ifaces with static IPs and load balanced. iptables 1.3.7 kernel 2.6.19.2 iproute 2.6.19 I''m yet setting marks into packets for QoS and its working, I now want to set some bits (OR)

Ok ive been trying to get this to work for about half a year now. Ive searched all over the internet for a solution for my problem. Ive found some solutions, but they only led me to yet more problems. What we want to do is the following: I live in a student complex with 7 other people. Every room has its own internet connection from the same ISP. Ip, gateway, subnet are asigned through dhcp on

Hello, I have a Debian-Woody-3.0 Router with 3 NIC''s. Kernelversion 2.4.18 +------------+ +-------------+ | | | | |192.168.1.1 | | 192.168.2.1 | | DSL-Router | | ISDN-Router | +------------+ +-------------+ | |

Hello! I need assistance to solve my problem related to traffic shaping based on the user ids. The problem: each unix user (of the linux host) has to be limited with incoming channel (internet) bandwidth. I need this to implement internet access solution based on ltsp (http://www.ltsp.org). As far as I know the best way to shape traffic in linux is CBQ. But there is no filter based on unix

Hi folks, I have the two firewalls (Slackware current) in differnt cities connected via OpenVPN. I can ping the network behind server firewall from client firewall server. But how to route/iptable network traffic from the network behind client firewall to see the netwrok behind server firewall? Thank you Remus

Hello, I have an issue with multiple connections to the Internet. I tried following the steps described in [1] but things are not working properly. I would like the network setup as follows: ______ | |- ppp0 -- Dynamic IP (PPPoE on eth2) Internal---- eth0 | GW | |____|- eth1 -- Static IP -> Static''s GW From [1], the

I configured multiple isp (actually only multiple gw) according http://lartc.org/howto/lartc.rpdb.multiple-links.html. Now NAT (Internet) seems to work, both external interfaces work ( I didnt configure load balancing because I dont need it). However I have problem that I can not ping from NAT to public ip of my Linux box. Problem is that I can not connect from 192.168.1.0/24 network to services

Hello all, I have a linux machine with a SIP server (Asterisk) and 2 WAN interfaces (NATed) configured to do load balancing. I experienced problems with the SIP/RTP protocols and load balancing, because when initiating a call to an external SIP Host, a new RTP flow starts from the server to the Host, that sometimes uses another default route (due to the nexthop configuration). As i have two

On Tue, Apr 10, 2018 at 03:36:08PM +0200, Hans de Groot wrote: > hosta  <--> hostb  <-->  hostc > > Hosta and hostc are not directly connected via tinc. But both are conncted > via hostb (I called my network tincnet). This works fine I can ssh from > hosta to hostc and vice versa without any problems. > > hostc is in a whitelisted iprange at some service

Hi I want to block the IP traffic between any 2 hosts on a switched ethernet LAN. Will setting all the possible IP addresses on a linux machine in the LAN do the trick or there is another easier solution? -- Anton Glinkov network administrator _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: