Re: [Shorewall-users] marking and routing (with dual default routes) not working

Fri, 28 Dec 2007 16:23:05 -0800 

Brian J. Murrell wrote:
> Well, it probably is working.  I'm probably just misunderstanding
> something.
> 
> Given routing rules that look like this:
> 
> 0:      from all lookup local 
> 10000:  from all fwmark 0x40 lookup CGCO 
> 10001:  from all fwmark 0x80 lookup IGS 
> 20000:  from 67.193.45.68 lookup CGCO 
> 20256:  from 66.11.173.224 lookup IGS 
> 32766:  from all lookup main 
> 32767:  from all lookup default 
> 
> and given the CGCO routing table:
> 
> 10.8.0.2 dev tun0  proto kernel  scope link  src 10.8.0.1 
> 67.193.45.68 dev eth0.1  scope link 
> 192.168.200.1 dev ppp0  proto kernel  scope link  src 66.11.173.224 
> 10.8.0.0/24 via 10.8.0.2 dev tun0 
> 10.75.22.0/24 dev br-lan  proto kernel  scope link  src 10.75.22.254 
> 10.75.23.0/24 via 10.8.0.2 dev tun0 
> 67.193.44.0/23 dev eth0.1  proto kernel  scope link  src 67.193.45.68 
> default via 67.193.44.1 dev eth0.1 
> 
> and the main routing table:
> 
> 10.8.0.2 dev tun0  proto kernel  scope link  src 10.8.0.1 
> 192.168.200.1 dev ppp0  proto kernel  scope link  src 66.11.173.224 
> 10.8.0.0/24 via 10.8.0.2 dev tun0 
> 10.75.22.0/24 dev br-lan  proto kernel  scope link  src 10.75.22.254 
> 10.75.23.0/24 via 10.8.0.2 dev tun0 
> 67.193.44.0/23 dev eth0.1  proto kernel  scope link  src 67.193.45.68 
> 169.254.0.0/16 via 10.75.22.223 dev br-lan  proto zebra  metric 20 equalize 
> default 
>         nexthop via 67.193.44.1  dev eth0.1 weight 1
>         nexthop via 192.168.200.1  dev ppp0 weight 1
>

Both tables are the same, is the copy column in the providers file
blank? Both provders' routing should not be in each others table. The
use of that column, results in just a single provider's routes being in
the providers routing table.


/sbin/ip route ls table SHAW
24.78.192.1 dev eth1  scope link  src 24.78.192.197
10.3.0.0/24 dev eth0  proto kernel  scope link  src 10.3.0.75
24.78.192.0/23 dev eth1  proto kernel  scope link  src 24.78.192.197
169.254.0.0/16 dev eth1  scope link
default via 24.78.192.1 dev eth1

Note the lack of routing for my other provider. Just the local lan and
that provider's routing

Jerry







-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to