[Shorewall-users] MARK ROUTES in FW

2008-12-10 Thread Harry Lachanas
Hi all, I wish to route all fw traffic to ISP1, but the rule gets ignored. In my tcrules file I have only one rule. 0x100 $FW - with high route marks. Then after executing a ping from fw->net I found out that successive pings get routed interchanged to both ISP providers. my provi

[Shorewall-users] MARK ROUTES in FW

2008-12-10 Thread Harry Lachanas
OK, I've just included a shorewall dump in the mail. The update on this is that ... Indeed the ping gets routed to ISP1. I also can see the reply coming in ( tcpdump ), however ping or fping lies there dead. Meanwhile #ip route get IP_ADDRESS shows the particular address I was pinging as it w

Re: [Shorewall-users] MARK ROUTES in FW

2008-12-10 Thread Shorewall Geek
Harry Lachanas wrote:
> however when I add a rule from Loc->net and mark packets to go through a
> particular provider it also looked like both ISPs were used.
>
> Then I replaced the balance option with loose and it the fw->net traffic
> got routed through the ISP1 but I am not sure that this

Re: [Shorewall-users] MARK ROUTES in FW

2008-12-10 Thread Shorewall Geek
Harry Lachanas wrote:
> Indeed the ping gets routed to ISP1
> I also can see the reply coming in ( tcpdump )
> however ping or fping lies there dead

Probably being dropped as martians -- but you'll never know it since you haven't enabled martian logging.

>
> I wish to route all fw traffic

Re: [Shorewall-users] MARK ROUTES in FW

2008-12-11 Thread Harry Lachanas
>
> The only thing that 'loose' does is that it causes one routing rule per
> external interface to be omitted (the rule that allows applications to
> bind to a particular interface's address to force the application use
> that interface). Specifying 'loose' is an alternative to the technique
> of

Re: [Shorewall-users] MARK ROUTES in FW

2008-12-11 Thread Shorewall Geek
Harry Lachanas wrote:
>> The only thing that 'loose' does is that it causes one routing rule per
>> external interface to be omitted (the rule that allows applications to
>> bind to a particular interface's address to force the application use
>> that interface). Specifying 'loose' is an alternativ

Re: [Shorewall-users] MARK ROUTES in FW

2008-12-11 Thread Prasanna Krishnamoorthy
On Fri, Dec 12, 2008 at 1:47 AM, Harry Lachanas wrote:
>
> If say openvpn is running on firewall should be started with
> a) --locall 0
> or
> b) --local xx.xx.xx.xx
> ???
>

And if you're running with multiple interfaces, you better be running OpenVPN 2.1RC with --multihome. Otherwise things ge