Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   port based routing (http://www.linux-archive.org/centos/259966-port-based-routing.html)

Marcus Moeller 03-09-2009 07:32 PM

port based routing
 
Good Evening,

I am trying to set up port based routing on a CentOS 5.2 box as described here:

http://www.linuxhorizon.ro/iproute2.html (second example)


Therefor I have set up the following mangle and routing rules:

$IPTABLES -A OUTPUT -t mangle -p tcp --dport 1100 -j MARK --set-mark 1
$IPTABLES -A OUTPUT -t mangle -p tcp --dport 1101 -j MARK --set-mark 2

$IPTABLES -A OUTPUT -t mangle -p tcp --dport 1102 -j MARK --set-mark 3

$IP route add default dev ppp100 table SOESTCOM1
$IP route add default dev ppp101 table VERSATEL1
$IP route add default dev ppp102 table TONLINE1


$IP rule add from all fwmark 1 table SOESTCOM1
$IP rule add from all fwmark 2 table VERSATEL1
$IP rule add from all fwmark 3 table TONLINE1


iptables -t mangle -L -vn output:

http://pastebin.centos.org/24626

shows that the packages are marked correctly.

Here is an example ip route show table output:


default dev ppp102* scope link

But it seems (and tcpdump indicates) that packages are still routed via default route, instead.

Do I need to set some proc flags to activate port based routing?

Best Regards

Marcus

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Marcus Moeller 03-12-2009 05:32 PM

port based routing
 
Good Evening,

There seems to be a bug in iproute caused by nla policy introduction
to the kernel:

http://mailman.ds9a.nl/pipermail/lartc/2007q1/020493.html

So I was not able to set ip rules using e.g.:

ip rule add from all fwmark 3 table TONLINE1

which lead to an error:

RTNETLINK answers: Numerical result out of range

I did the trick with replacing 'all' with '0.0.0.0/0'

Best Regards
Marcus
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 08:12 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.