i almost forgot to include nic local route.. let say eth0 ip is 192.168.1.123/24 and eth1 ip is 192.168.2.123/24
ip route add 192.168.1.0/24 dev eth0 table routerA ip route add 192.168.2.0/24 dev eth1 table routerB as incoming packets consult the routing table if it is destined to the server or to the other network (where ip_fowarding = 1).. if the nic local route is not in there.. it will go to default gateway that configured previously.. to display the the virtual routing table ip route show table routerA/B fooler. On Sun, Jul 3, 2016 at 7:56 AM, fooler mail <[email protected]> wrote: > ill give you an idea how to do it as im blind with your network topology > > linux can now have multiple virtual routing tables as well as multiple > network namespaces.. this leads to virtualization in the OS layer such > as LXC, Docker, etc... > > assuming your server have two network interface cards .. eth0 > connected to router A and eth1 connected to router B > > virtual routing table id is based on number.. we will make a mapping > that virtual routing table id number to name.. just like in /etc/hosts > but the file is /etc/iproute2/rt_tables: > > echo "200 routerA" >> /etc/iproute2/rt_tables > echo "201 routerB" >> /etc/iproute2/rt_tables > > then create their default gateway for table routerA and table routerB: > > ip route add default via <router A gateway IP address> dev eth0 table routerA > ip route add default via <router B gateway IP address> dev eth1 table routerB > > then you have to mark or tag the incoming packets for eth0 and eth1.. > we will tag all packets coming from eth0 as tag id 1 and all packets > coming from eth1 as tag id 2: > > iptables -A PREROUTING -t mangle -i eth0 -j MARK --set-mark 1 > iptables -A PREROUTING -t mangle -i eth1 -j MARK --set-mark 2 > > you can add specific destination protocol and port number of your > server service in the iptables rule above to match specific packet... > > next is to add policy based routing rule: > > ip rule add from all fwmark 1 table routerA > ip rule add from all fwmark 2 table routerB > > the above rule says: > > if outgoing packet tag as 1.. it will consult virtual routing table > routerA.. because your default gateway is the router A gateway IP > address.. it will send to router A... > if outgoing packet tag as 2.. it will consult virtual routing table > routerB.. because your default gateway is the router B gateway IP > address.. it will send to router B... > > thats the basic of policy based routing... > > fooler. > > > > > On Sat, Jul 2, 2016 at 1:37 AM, Michael Tinsay <[email protected]> wrote: >> Thank you for the info fooler. >> >> I get what you're saying about policy-based routing, but isn't that >> applicable only to connections initiated by the server? Can policy-based >> routing also do "All connections initiated externally and coming through the >> router ip address so-and-so goes through that router"? >> >> >> ________________________________ >> From: fooler mail <[email protected]> >> To: Michael Tinsay <[email protected]>; Philippine Linux Users' Group >> (PLUG) Technical Discussion List <[email protected]> >> Sent: Saturday, 2 July 2016, 11:33 >> Subject: Re: [plug] Recognizing traffic from multiple gateways >> >> that is correct because traffic came from router A and B use the main >> routing table... your solution is to use policy based routing.... >> create additional two routing table aside from the default or main >> routing table.. for incoming traffic for A or B.... mark or tag it ... >> upon out going.. your policy rule state that packet tag for A goes to >> gateway of A and tag for B goes to gateway of B.. non tag packets >> goes to the main routing table's default gateway... >> >> fooler. >> >> >> >> On Thu, Jun 30, 2016 at 3:05 AM, Michael Tinsay <[email protected]> wrote: >>> Ooops... My bad. I sent the email without putting a subject. Please >>> reply >>> to this one instead. >>> >>> >>> ________________________________ >>> From: Michael Tinsay <[email protected]> >>> To: "Philippine Linux Users' Group (PLUG) Technical Discussion List" >>> <[email protected]> >>> Sent: Thursday, 30 June 2016, 15:03 >>> Subject: >>> >>> Hi. >>> >>> Have a question for the tcp/ip experts here. >>> >>> I recently had to split my various DSL lines between 2 routers. So Router >>> A >>> have 3 lines connected to it while Router B has 2. I now have a server >>> who >>> will be receiving external traffic through these servers via port >>> forwarding. As I understand it, without any additional configuration the >>> server will send outside-bound traffic through via the default route. As >>> such, if Router A is the default route for the server, even if the traffic >>> came from Router B the responses will be sent via Router A. >>> >>> If this is correct, what do I need to set up to have the server recognize >>> which traffic is coming from which router and send its responses to the >>> proper router accordingly? >>> >>> TIA! >>> >>> >>> --- mike t. >> >>> >>> >>> >>> _________________________________________________ >>> Philippine Linux Users' Group (PLUG) Mailing List >>> http://lists.linux.org.ph/mailman/listinfo/plug >>> Searchable Archives: http://archives.free.net.ph >> _________________________________________________ >> Philippine Linux Users' Group (PLUG) Mailing List >> http://lists.linux.org.ph/mailman/listinfo/plug >> Searchable Archives: http://archives.free.net.ph >> >> >> >> >> _________________________________________________ >> Philippine Linux Users' Group (PLUG) Mailing List >> http://lists.linux.org.ph/mailman/listinfo/plug >> Searchable Archives: http://archives.free.net.ph _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
