I'm modifying a shorewall6-lite instance to MultiISP support.
My initial config -- migrated from a working IPv4 multiISP setup -- is
/providers
...
native6 1 0x100 main EXT_IF detect track,balance
10 he6 2 0x200 main HE6_I
On 8/18/2015 11:58 AM, PGNet Dev wrote:
> I'm modifying a shorewall6-lite instance to MultiISP support.
>
> My initial config -- migrated from a working IPv4 multiISP setup -- is
>
> /providers
> ...
> native6 1 0x100 main EXT_IF detect track,balance
>
On Tue, Aug 18, 2015, at 03:28 PM, Tom Eastep wrote:
> It depends on how you have broken down the mark for various uses -- see
> http://www.shorewall.org/PacketMarking.html#Values.
Thanks.
The problem was the mask -- for the given mark format.
For the used marks, editing in shorewall6.conf
I'm setting up IPv6 multiISP.
The default provider is via eth0.
With no providers defined, IPv6 is working.
At this point, the 'main' routing table is
shorewall6-lite show routing
...
Table main:
local ::1 dev lo proto kernel metric 256 p
On 8/18/2015 5:43 PM, PGNd wrote:
> I'm setting up IPv6 multiISP.
>
> The default provider is via eth0.
>
> With no providers defined, IPv6 is working.
>
> At this point, the 'main' routing table is
>
> shorewall6-lite show routing
> ...
> Table main:
>
>
On Tue, Aug 18, 2015, at 05:54 PM, Tom Eastep wrote:
> You cannot use link local addresses in any Shorewall6 config file.
Atm, I'm working on a VPS (Linode).
The provider is Linode native IPv6.
The default gateway is, simply, fe80::1 for each Linode.
How then, do you specify that gateway in a m
On 8/18/2015 6:27 PM, PGNd wrote:
> On Tue, Aug 18, 2015, at 05:54 PM, Tom Eastep wrote:
>> You cannot use link local addresses in any Shorewall6 config file.
>
> Atm, I'm working on a VPS (Linode).
>
> The provider is Linode native IPv6.
>
> The default gateway is, simply, fe80::1 for each Lino
Seeing the recent question on Marks with IPv6 I went back to review a
setup I'm currently testing.
In my tcrules file I have:
CONTINUE$FW-----!0x0
This generates the following mangle rule:
-A tcout -m mark ! --mark 0x0/0xff -j RETURN
But based on my config file:
T
