|
|
Shame, this is a wrong-recipient mistake. Excuse-me, RSalles PS: Excuses, this message is just an imagination of your mind and doesn't exist... (... i recall an incident between F. Kafka and his siter (?) one night: he enters in silence in her bedroom to search for something, when she started to wake-up he says: "Sleep......I'm only a dream..." Renato Salles disse: > The setup you've described is very close to that one pointed in the "Linux > Advanced Routing & Traffic Control HOWTO" in the section 10: 10. > Loadsharing over multiple interfaces & CAVEATS, without this part: > > "...Nothing is as easy as it seems. eth1 and eth2 on both router A and B > need to have return path filtering turned off, because they will otherwise > drop packets destined for ip addresses other than their own: > > # echo 0 > /proc/net/ipv4/conf/eth1/rp_filter > # echo 0 > /proc/net/ipv4/conf/eth2/rp_filter > > ..." > > Look, > > RSalles > > > Vinicius Venit disse: >> Hi all, >> >> I have a server with 3 Ethernet interfaces >> >> eth0 (ppp0) = internet conexion = DHCP ADSL = dinamic IP address >> gateway = 200.216.X.X >> eth1 = internal network = 192.168.0.200 >> eth2 = internet access = 200.xxx.xxx.xxx >> gateway = 200.X.X.X >> >> This means I have two internet access in the same server. >> In my LAN I'm using the IP scope 192.168.0.0 to 192.168.0.254 and i want >> split this IP addresses to make half use one internet acces and the >> other half use the other internet acces. Like this: >>>From 192.1.0.0 to 192.168.0.128 use the the eth0(ppp0) interface and >>>From 192.168.0.128 to 192.168.0.254 use the eth2 interface. >> >> I try to do this using iptables and iproute2: >> >> iptables >> >> iptables -t mangle -A PREROUTING -s 192.168.0.0/25 -j MARK --set-mark 1 >> iptables -t mangle -A PREROUTING -s 192.168.0.128/25 -j MARK --set-mark >> 2 >> >> iproute2 >> >> echo 200 eth0 >> /etc/iproute2/rt_tables >> echo 202 eth2 >> /etc/iproute2/rt_tables >> >> ip route add fwmark 1 table eth0 >> ip route add fwmark 2 table eth2 >> >> ip rule add from 192.168.0.0/25 table eth0 >> ip rule add from 192.168.0.128/25 table eth2 >> >> ip route add 192.168.0.0/25 dev eth1 scope link table eth0 >> ip route add default via 200.216.X.X dev ppp0 table eth0 >> >> ip route add 192.168.0.128/25 dev eth1 scope link table eth2 >> ip route add default via 200.X.X.X dev ppp0 table eth2 >> >> ip route flush cache >> >> Made this the lower half IP scope (192.168.0.0-128) works fine and get >> internet access througth eth2, but the hier IP scope doesn't get >> internet access thougth eth1(ppp0) and neither by eth2. >> >> I have used traceroute command to see what is goin on and I found this: >> the hier scope got until the eth1(ppp0) and die over it. >> >> traceroute www.google.com >> traceroute to www.google.akadns.net (216.239.53.99), 30 hops max, 38 >> byte packets >> 1 192.168.0.125 (192.168.0.250) 2.121 ms 1.688 ms 2.171 ms >> 2 200.216.95.209 (200.216.xx.xxx) 27.330 ms 32.407 ms 31.147 ms >> 3 * * * >> 4 * * * >> >> I wrote the larctc and I print it to read more times.... I really need >> read it more times .... but I want to know if someone alredy deal with >> this situation or has a problem like this. I really want some help. >> >> Regards, >> >> >> -- >> To UNSUBSCRIBE, email to debian-user-portuguese-request@xxxxxxxxxxxxxxxx >> with a subject of "unsubscribe". Trouble? Contact >> listmaster@xxxxxxxxxxxxxxxx >> > > > -- > "A well-written program is its own heaven; a poorly-written program is its > own hell." > TAO of Programming - Book 4 > > > ------------------------------------------------------- > The SF.Net email is sponsored by EclipseCon 2004 > Premiere Conference on Open Tools Development and Integration > See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. > http://www.eclipsecon.org/osdn > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx > https://lists.sourceforge.net/lists/listinfo/openvpn-users > -- "A well-written program is its own heaven; a poorly-written program is its own hell." TAO of Programming - Book 4 ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |