> -Original Message-
> From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
> On Behalf Of Peter Rabbitson
> Sent: Friday, June 15, 2007 2:30 PM
> Cc: lartc@mailman.ds9a.nl
> Subject: Re: [LARTC] Re: multiple routing tables for internal router
> programs
> Well then
Salim S I wrote:
NATing is done with MASQUERADE, not SNAT, I use another MARK for it,
but
in essence it is
-o eth2 -j MASQUEARDE
-o eth3 -j MASQUEARDE
In addition, there are several other MARKs for policy routing. They
have
their own routing tables also. But at present, they are all empty.
> > NATing is done with MASQUERADE, not SNAT, I use another MARK for it,
but
> > in essence it is
> > -o eth2 -j MASQUEARDE
> > -o eth3 -j MASQUEARDE
> >
> > In addition, there are several other MARKs for policy routing. They
have
> > their own routing tables also. But at present, they are all em
Salim S I wrote:
NATing is done with MASQUERADE, not SNAT, I use another MARK for it, but
in essence it is
-o eth2 -j MASQUEARDE
-o eth3 -j MASQUEARDE
In addition, there are several other MARKs for policy routing. They have
their own routing tables also. But at present, they are all empty.
Salim S I wrote:
NATing is done with MASQUERADE, not SNAT, I use another MARK for it, but
in essence it is
-o eth2 -j MASQUEARDE
-o eth3 -j MASQUEARDE
In addition, there are several other MARKs for policy routing. They have
their own routing tables also. But at present, they are all empty.
to:[EMAIL PROTECTED] On Behalf Of Salim S I
> Sent: Wednesday, June 13, 2007 12:08 PM
> To: 'Peter Rabbitson'
> Cc: lartc@mailman.ds9a.nl
> Subject: RE: [LARTC] Re: multiple routing tables for internal router
> programs
>
> My configuration
>
> [EMAIL PROTECT
14, 2007 3:27 PM
To: Salim S I
Cc: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Re: multiple routing tables for internal router
programs
Salim S I wrote:
> I solved it, thought a bit ugly.
>
Sorry I didn't answer earlier. Can you post your iptables rules too, the
routing alone is not
Salim S I wrote:
I solved it, thought a bit ugly.
Sorry I didn't answer earlier. Can you post your iptables rules too, the
routing alone is not sufficient. If your setup is confidential at least
show all statements that set MARKs one way or another. What you did is
strange, but it might ver
nt: Wednesday, June 13, 2007 12:08 PM
> To: 'Peter Rabbitson'
> Cc: lartc@mailman.ds9a.nl
> Subject: RE: [LARTC] Re: multiple routing tables for internal router
> programs
>
> My configuration
>
> [EMAIL PROTECTED]:~# ip ru
> 0: from all lookup local
> 321
-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Salim S I
Sent: Wednesday, June 13, 2007 12:08 PM
To: 'Peter Rabbitson'
Cc: lartc@mailman.ds9a.nl
Subject: RE: [LARTC] Re: multiple routing tables for internal router
programs
My configuration
[EMAIL PROTECTED]:
]
Sent: Tuesday, June 12, 2007 7:24 PM
To: Salim S I
Cc: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Re: multiple routing tables for internal router
programs
Salim S I wrote:
> Thanks! I get it now.
> But why the src address for the interface is wrong?
> In my case eth2 has a.b.c.d and
Salim S I wrote:
Thanks! I get it now.
But why the src address for the interface is wrong?
In my case eth2 has a.b.c.d and eth3 has p.q.r.s.
DNS queries going through eth2 has p.q.r.s as src address and those
going through eth3 has a.b.c.d. Something wrong with routing?
Possible. Post full c
check the lonk status) of
others work id domain name is used.
-Original Message-
From: Peter Rabbitson [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 12, 2007 6:02 PM
To: Salim S I
Cc: 'Andrea'; lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Re: multiple routing tables for inter
Peter Rabbitson ha scritto:
Check the man page of ping, and look for the '-I' option. Most network
testing utilities have this capability in one form or another.By the way
if you request an _interface_ and not a specific IP, the first IP of the
interface is taken as listed by `ip addr`
Didn'
Salim S I wrote:
Here is my issue with ping.
When I use -I with ping, the DNS queries for that domain is still sent
out with wrong source address through the interface, and hence, no
reply. This happens in both WAN interfaces.
When I add rules in OUTPUT chain to reroute packets with the unmatchi
ne 12, 2007 5:29 PM
To: Andrea
Cc: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Re: multiple routing tables for internal router
programs
Andrea wrote:
> Very very clear. Thanks very much!!! The only still obscure aspect for
> me is this:
>
> >you can request a specific interface (what y
Andrea wrote:
Very very clear. Thanks very much!!! The only still obscure aspect for
me is this:
>you can request a specific interface (what you would do with the ping
script)
Check the man page of ping, and look for the '-I' option. Most network
testing utilities have this capability in o
Peter Rabbitson ha scritto:
oThe routing (which occurs after OUTPUT) acts on the MARK
^
This is the focal point I'm searching for
Now what happens when there is no specific binding (you send from 0.0.0.0):
[snip]
Very very clear. Thanks very much!!!
Andrea wrote:
This is the exact way that I used for managing traffic of my lan towards
ISPs. But is this mode still valid if I want to manage services
executed directly in the router?
this rule:
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 1
capture all (web) tra
, June 12, 2007 4:00 PM
Cc: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Re: multiple routing tables for internal router
programs
> I was saying Andrea: Try to define a new routing table, add a chain
in
> mangle table for tagging packets and add a rule to deliver those
packets
> to the
I was saying Andrea: Try to define a new routing table, add a chain in
mangle table for tagging packets and add a rule to deliver those packets
to the new route.
Again, I'm sorry. I didn't know this is a "english-only" list.
Thanks for the reply.
This is the exact way that I used for manag
Tom Diehl escribió:
>>
>
> Any possibility someone could repost this reply in english.
>
Sorry, Tom. My english is really awful.
>> Lo que podés hacer es "marcar" los paquetes mediante iptables -t mangle
>> y luego definir reglas (ip rule) para routear cada paquete de acuerdo a
>> la marca que te
On Mon, 11 Jun 2007, Javier Charne wrote:
Andrea escribió:
Maybe a strange request, I'll try to explain this as clearer as I can
(forgive my bad english, please :-) ).
Está permitido responder en castellano en esta lista?
I'm setting a linux box as a router. My router uses multiple routing
23 matches
Mail list logo
