similar to: rules not working- tables ignored

hi I have trying to remove the extra rules from my routing tables, however with no luck Also I want to know these duplicate entries have an effect on packets going routed? I have this overwhelming rules lists from my predessor who added the "ip rule add fwmark" entries in firewall script, and on each run of firewall script its creates an extra entry in routing table. Now what I want to

I made a script to test if in a moultiple gateway setup all default connection are up, regardless of the fact that that gateway is the default gw. Suppose adsl1 and adsl2 are present, and all traffic goes by default to adsl1, and you want to test if adsl2 is ok. 1. I use mangles from iptables to mark icmp packets to some test machines 2. I set up a routing table for each adsl 3. I use

Hello.. How can I specify a class for htb based on a fwmark and user ip ? For instance: I have some routes marked with fwmark and their are very-high speed connections... But only to some IP''s.. For the rest , I must limit the user to 64Kbits Now , how can I limit the high speed connections ? I must create a rule and take in account both fwmark and IP ? To be more specific , I want

Hello all, I am working with kernel 2.2.20 with the necessary options configured into the kernel to support all of the wonderfully fancy routing features: - routing based on ToS - routing based on fwmark - multiple routing tables This same kernel is in use elsewhere, and is routing based on fwmark with success. This leads me to believe that my kernel is OK and that I have another

Witam wszystkich After few days with yours help I''ve succeeded with setup of load-balancing. Now I have problem with next step. I want to mark some packets and than put them to the one of the routing tables to force them going via only one interface with only one ip. Easy?? Ofcourse, but not for me :(. I''m NOT using NAT. Chain OUTPUT (policy ACCEPT 71 packets, 24227

I have a working router (thanks to Julian''s patches and the threads on this site) load balancing over Dual ISP''s. Links for the curious (see router setup below as well) - Necessary Patches - http://www.ssi.bg/~ja/ How to Patch (I use Debian Sarge and downloaded the latest source from kernel.org) - http://www.desktop-linux.net/debkernel.htm Necessary Reading -

Hi, I am new in LARTC list. I had intermediate skills in networking. What I tried to do: Use 2 links with loadsharing + falt toletant (to add bandwitdh) ok ! I am use Debian Etch in router/fw With kernel debian default + routes-2.6.17-12.diff patch The Problem: The iproute2 just route thought the last gateway of nexthop rule. I was running tcpdump in 2 terminals, tcpdump -nni eth0 ...

hi thanks for your reply heh "Example: ip del rule pref 32742" is syntically wrong :) and when i tried "ip rule del 32742" it gives me error # ip rule del 32742 Error: argument "32742" is wrong: Failed to parse rule type so how to get get of these extra rules? 0: from all lookup local 32742: from all fwmark 0x2 lookup squid.out 32743: from all fwmark 0x2

Hi I have a strange problem. I have a firewall with 3 nics. 1 - lan 2 - leased line or diginet 3 - connected to adsl modem I have 2 tables in defined in /etc/iproute2/rt_tables: 200 diginet 201 adsl The ADSL modem has an IP of 192.168.0.1 and is configured to initiate the PPPOE connection. I can mark packets within the network destined for port 80 successfully: ip ro add default via x.x.x.x

Hi, I been trying on ip rule fwmark and iptables MARK. I will show my testing in detail, but my ultimate question is why ONLY marking in Mangle OUTPUT tables works, but not others? Network Diagram ------------ 192.168.250.197 eth0 LINUX ROUTER eth1 192.168.8.88 ------------------ 192.168.8.112 eth0 Windows XP Client Steps (performed on LINUX ROUTER) (1) Delete route to 192.168.8.0 from

Hello again :) Thank you all for your reply's. Below are the config files of the 3 hosts. I use  tinc in router mode. I do not have a kernel mode config lines anywhere so tinc must be using the default settings here. I added the ipaddressx to subnets on hostc and this works. Traffic to that ip is now routed via hostc. But since this ipaddressx address changes often I need to resolve it

I''m having trouble routing on high fwmarks, I want to use a lot of different marks for 2 routes so that I can QoS based on the marks ip rule looks like this: 0: from all lookup local 32751: from all fwmark 31 lookup dslout 32752: from all fwmark 30 lookup dslout 32753: from all fwmark 29 lookup dslout 32754: from all fwmark 28 lookup dslout 32755: from

Hi, Here I am trying something simple. My objective is to make ip rule fwmark command work :) Network Diagram: --- 192.168.250.197 (eth0) Linux Box (eth1) 192.168.8.88 -------------192.168.8.122 (eth0) Windows XP Client Configuration done on Linux Box:- (1) [root@g webauth]# iptables -t mangle -A PREROUTING -j MARK --set-mark 5 [root@g webauth]# iptables -t mangle -L Chain PREROUTING (policy

Hello all, I do not read C very well (especially kernel C). Though I have tried to muddle my way through an understanding of what''s going on in fib_hash.c, fib_rules.c, and route.c, I have not succeeded to my satisfaction, hence my post. I''m trying to document the general process of route selection, and have come up with the following overview. Could somebody point out any

Hi all, I''ve been using shorewall 3 (3.4.8 now) for a while on a simple gateway setup for my office. Routing is enabled only for a few hosts and all user access the internet thru squid, which is running on the shorewall box. I have a few other services on this box and some others on another server, but they don''t matter for what I need. Quick and dirty schematics to illustrate

Hello, LARTC mailing readers, I hope u can help with this mysterious issue i''m having with my linux box acting as a router. Scenario: Linux running 2.6.8.1 /w julians patches /w support for multipath routing Latest iproute (iproute2-ss040702) 4 NICS ----------------- | x eth0 (63.43.x.x) network mask (255.255.240.0) | |

Hello, LARTC mailing readers, I hope u can help with this mysterious issue i''m having with my linux box acting as a router. Scenario: Linux running 2.6.8.1 /w julians patches Latest iproute (iproute2-ss040702) 4 NICS ----------------- | x eth0 (63.43.x.x) network mask (255.255.240.0) | | x eth1 (63.43.x.x)

Hello, I have tested a simple thing in two version of Linux and there was a problem when I have used fwmark as a selector for rule lookups. As you can see below on the Slack, the <test> table doesn''t have any label about fwmark. Is there an iproute problem? -------------------------------------- # cat /etc/fedora-release Fedora Core release 2 (Tettnang) # uname -r 2.6.5-1.358 #

Hi All, I''ve configured a mutlipath as detailed in the HOWTO. For the most part it''s great, but when the cheap DSL line drops it''s connection, as it regularly does, the outbound routing doesn''t automatically use the remaining path for internal outbound traffic. Ip route show lists no default route once the default path dies, and if the ppp connection is

Hi All, I''ve got server with one LAN card eth0 ip=10.0.0.5 default access t ointernety done through ADSL router gw 10.0.0.1 we got second internet access through another ADSL router gw 10.0.0.2 I want to send all e-mail out through gw 10.0.0.2 How it can be done? I''ve tried to mark packets: iptables -t mangle -A OUTPUT -p tcp --dport 25 -j MARK --set-mark 0x1 and ip ru add