Hi all, I need some guidance to get my problem fixed. I believe there
is an issue with the 'nth' patch from the patch-o-matic, which is
labeled as status 'works'.
I have tunnels back and forth across the internet, using 'nth' to
balance packets between different public networks (over the tunnels).
I need to access some networks over two tunnels, and some networks over
three tunnels. I can't get routing working correctly when combinations
of two and three tunnels are involved.
*now for the more technical explanation*
Tunnel Server 1 (kernel 2.4.28, iptables 1.2.11 with nth and route)
Network A is delivered over three tunnels to Tunnel Client A (works fine)
Network B is delivered over three tunnels to Tunnel Client B (works fine)

Tunnel Server 2 (kernel 2.6.11, iptables 1.3.1 with nth and route)
Network C is delivered over two tunnels to Tunnel Client C (works fine)
Network D is delivered over two tunnels to Tunnel Client D (works fine)

When network C is moved to tunnel server 1, network A and B work
fine, network C traffic gets excessive packet loss.
When network A is moved to tunnel server 2, network C and D get
excessive packet loss, network A works fine.

I'm using a different counter for each network, also, the mangle rule
only applies to traffic destined for each network. I don't understand
why one would be affecting the other, but it does.

Here is my iptables -t mangle -L on tunnel server 2, before adding,
and after adding.

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
ROUTE      all  --  anywhere             (Network C)  every 2th packet #0 ROUTE oif:AMC_TUN1 gw:172.16.0.38
ROUTE      all  --  anywhere             (Network C)  every 2th packet #1 ROUTE oif:AMC_TUN2 gw:172.16.0.42
ROUTE      all  --  anywhere             (Network D)  every 2th packet #0 ROUTE oif:TB_TUN1 gw:172.16.0.26
ROUTE      all  --  anywhere             (Network D)  every 2th packet #1 ROUTE oif:TB_TUN2 gw:172.16.0.30


iptables -t mangle -A POSTROUTING --destination (Network A) -m nth --counter 2 --every 3 --packet 0 -j ROUTE --oif ASI_TEST_TUN1 --gw 172.30.0.14

iptables -t mangle -A POSTROUTING --destination (Network A) -m nth --counter 2 --every 3 --packet 1 -j ROUTE --oif ASI_TEST_TUN2 --gw 172.30.0.18

iptables -t mangle -A POSTROUTING --destination (Network A) -m nth --counter 2 --every 3 --packet 2 -j ROUTE --oif ASI_TEST_TUN3 --gw 172.30.0.22

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
ROUTE      all  --  anywhere             (Network C)  every 2th packet #0 ROUTE oif:AMC_TUN1 gw:172.16.0.38
ROUTE      all  --  anywhere             (Network C)  every 2th packet #1 ROUTE oif:AMC_TUN2 gw:172.16.0.42
ROUTE      all  --  anywhere             (Network D)  every 2th packet #0 ROUTE oif:TB_TUN1 gw:172.16.0.26
ROUTE      all  --  anywhere             (Network D)  every 2th packet #1 ROUTE oif:TB_TUN2 gw:172.16.0.30
ROUTE      all  --  anywhere             (Network A)  every 3th packet #0 ROUTE oif:ASI_TEST_TUN1 gw:172.30.0.14
ROUTE      all  --  anywhere             (Network A)  every 3th packet #1 ROUTE oif:ASI_TEST_TUN2 gw:172.30.0.18
ROUTE      all  --  anywhere             (Network A)  every 3th packet #2 ROUTE oif:ASI_TEST_TUN3 gw:172.30.0.22


If any more information is needed to help troubleshoot, please let me know.
Thanks for any suggestions
-Joe
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
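
The rule layout described in the post above, as an added example that is not part of the original message: a shell helper that prints (does not apply) the nth/ROUTE rules for each network and rejects a plan that reuses a counter or lists fewer than two tunnels. The destination prefixes, the counter numbers 0 and 1 for Networks C and D, and the function names are assumptions; the interface names, gateways and counter 2 for Network A come from the post.

```shell
#!/bin/sh
# Added example: generate one nth/ROUTE rule per tunnel, in the form used in the post.
# Nothing here calls iptables; the commands are only printed for review.

# usage: nth_rules DEST COUNTER OIF:GW [OIF:GW ...]
nth_rules() {
    dest=$1; counter=$2; shift 2
    every=$#    # one rule per tunnel, so --every equals the tunnel count
    [ "$every" -ge 2 ] || { echo "need at least two tunnels for $dest" >&2; return 1; }
    packet=0    # --packet runs 0..every-1 so each slot is claimed exactly once
    for t in "$@"; do
        oif=${t%%:*}; gw=${t#*:}
        [ -n "$oif" ] && [ -n "$gw" ] && [ "$oif" != "$t" ] ||
            { echo "bad tunnel spec: $t" >&2; return 1; }
        echo "iptables -t mangle -A POSTROUTING --destination $dest -m nth" \
             "--counter $counter --every $every --packet $packet" \
             "-j ROUTE --oif $oif --gw $gw"
        packet=$((packet + 1))
    done
}

# Reads "DEST COUNTER OIF:GW ..." lines on stdin; fails if a counter is reused,
# since the post relies on each network having its own counter.
build_plan() {
    seen=" "
    while read -r dest counter tunnels; do
        [ -n "$dest" ] || continue
        case "$seen" in
            *" $counter "*) echo "counter $counter reused for $dest" >&2; return 1 ;;
        esac
        seen="$seen$counter "
        # $tunnels is left unquoted on purpose so it splits into one word per tunnel
        nth_rules "$dest" "$counter" $tunnels || return 1
    done
}

# Constructed plan: documentation prefixes stand in for Networks C, D and A.
PLAN='198.51.100.0/24 0 AMC_TUN1:172.16.0.38 AMC_TUN2:172.16.0.42
203.0.113.0/24 1 TB_TUN1:172.16.0.26 TB_TUN2:172.16.0.30
192.0.2.0/24 2 ASI_TEST_TUN1:172.30.0.14 ASI_TEST_TUN2:172.30.0.18 ASI_TEST_TUN3:172.30.0.22'

printf '%s\n' "$PLAN" | build_plan
```

Comparing the printed commands against what `iptables -t mangle -L` reports confirms that every `--packet` slot from 0 to every-1 is present for each destination.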
