|
|
The setup you've described is very close to that one pointed in the "Linux Advanced Routing & Traffic Control HOWTO" in the section 10: 10. Loadsharing over multiple interfaces & CAVEATS, without this part: "...Nothing is as easy as it seems. eth1 and eth2 on both router A and B need to have return path filtering turned off, because they will otherwise drop packets destined for ip addresses other than their own: # echo 0 > /proc/net/ipv4/conf/eth1/rp_filter # echo 0 > /proc/net/ipv4/conf/eth2/rp_filter ..." Look, RSalles Vinicius Venit disse: > Hi all, > > I have a server with 3 Ethernet interfaces > > eth0 (ppp0) = internet conexion = DHCP ADSL = dinamic IP address > gateway = 200.216.X.X > eth1 = internal network = 192.168.0.200 > eth2 = internet access = 200.xxx.xxx.xxx > gateway = 200.X.X.X > > This means I have two internet access in the same server. > In my LAN I'm using the IP scope 192.168.0.0 to 192.168.0.254 and i want > split this IP addresses to make half use one internet acces and the > other half use the other internet acces. Like this: >>From 192.1.0.0 to 192.168.0.128 use the the eth0(ppp0) interface and >>From 192.168.0.128 to 192.168.0.254 use the eth2 interface. > > I try to do this using iptables and iproute2: > > iptables > > iptables -t mangle -A PREROUTING -s 192.168.0.0/25 -j MARK --set-mark 1 > iptables -t mangle -A PREROUTING -s 192.168.0.128/25 -j MARK --set-mark > 2 > > iproute2 > > echo 200 eth0 >> /etc/iproute2/rt_tables > echo 202 eth2 >> /etc/iproute2/rt_tables > > ip route add fwmark 1 table eth0 > ip route add fwmark 2 table eth2 > > ip rule add from 192.168.0.0/25 table eth0 > ip rule add from 192.168.0.128/25 table eth2 > > ip route add 192.168.0.0/25 dev eth1 scope link table eth0 > ip route add default via 200.216.X.X dev ppp0 table eth0 > > ip route add 192.168.0.128/25 dev eth1 scope link table eth2 > ip route add default via 200.X.X.X dev ppp0 table eth2 > > ip route flush cache > > Made this the lower half IP scope (192.168.0.0-128) works fine and get > internet access througth eth2, but the hier IP scope doesn't get > internet access thougth eth1(ppp0) and neither by eth2. > > I have used traceroute command to see what is goin on and I found this: > the hier scope got until the eth1(ppp0) and die over it. > > traceroute www.google.com > traceroute to www.google.akadns.net (216.239.53.99), 30 hops max, 38 > byte packets > 1 192.168.0.125 (192.168.0.250) 2.121 ms 1.688 ms 2.171 ms > 2 200.216.95.209 (200.216.xx.xxx) 27.330 ms 32.407 ms 31.147 ms > 3 * * * > 4 * * * > > I wrote the larctc and I print it to read more times.... I really need > read it more times .... but I want to know if someone alredy deal with > this situation or has a problem like this. I really want some help. > > Regards, > > > -- > To UNSUBSCRIBE, email to debian-user-portuguese-request@xxxxxxxxxxxxxxxx > with a subject of "unsubscribe". Trouble? Contact > listmaster@xxxxxxxxxxxxxxxx > -- "A well-written program is its own heaven; a poorly-written program is its own hell." TAO of Programming - Book 4 ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |