Re: [Shorewall-users] incorrect routeback path -- missing DNAT rules or MARKs?

PGNet Dev Thu, 21 Jan 2021 12:16:54 -0800

I've added provider marks

        @ Router1 /providers


        #NAME    NUM    MARK     DUP    INTFC     GW          OPTS
        ispA     1      0x100    -      EXT_IF    detect      track,balance
        vpnA     2      0x200    -      VPN_IF    10.1.1.2    track,fallback


        @ Router2  /providers

        #NAME    NUM    MARK     DUP    INTFC     GW          OPTS
        isbB     1      0x100    -      EXT_IF    detect      track,balance
        vpnB     2      0x200    -      VPN_IF    10.1.1.1    track,fallback

So that, IIUC, traffic moving either direction over the vpn link gets a

        0x200

mark.

If that's correctly done, then can that mark be used to 'tell' SW the routeback 
path to use IFF the mark is present?


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Re: [Shorewall-users] incorrect routeback path -- missing DNAT rules or MARKs?

Reply via email to