iproute2 source routing with table - masquerading doesn't work
From: Marco Dieckhoff (dieck_at_gmx.de)
Date: 03/16/04
- Next message: Angus Marshall: "Re: ppp: I (dns) cannot resolve"
- Previous message: Thomas Tuegel: "Re: WvDial/PPPD Dials, Authenticates, and Dies"
- Next in thread: Clifford Kite: "Re: iproute2 source routing with table - masquerading doesn't work"
- Reply: Clifford Kite: "Re: iproute2 source routing with table - masquerading doesn't work"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 16 Mar 2004 23:23:30 +0100
Hi!
I have a router with the following interfaces:
eth0 a.b.163.225 (/27) internal network
eth1 a.b.167.230 (/29) routing subnet (university)
ppp0 80.1.2.3 ptp 217.4.5.6 DSL (pppoe, dynamic ips, to be masqueraded)
server:~# ip route show
217.4.5.6 dev ppp0 scope link
a.b.167.225 dev eth1 scope link
a.b.167.224/28 dev eth1 proto kernel scope link src a.b.167.230
a.b.163.224/27 dev eth0 proto kernel scope link src a.b.163.225
a.b.0.0/16 via a.b.167.225 dev eth1
default via a.b.167.225 dev eth1
And i have 2 iproute2-tables "lwl" and "dsl"
server:~# ip route show table lwl
a.b.167.225 dev eth1 scope link
a.b.0.0/16 via a.b.167.225 dev eth1
default via a.b.167.225 dev eth1
server:~# ip route show table dsl
217.5.98.134 dev ppp0 scope link
default via 217.5.98.134 dev ppp0
To avoid other errors I flushed all iptables (and -t nat) and just
inserted a single
iptables -t nat -I POSTROUTING -i eth0 -o ppp0 -j MASQUERADE
If I set a
ip rule add from a.b.163.242 table lwl
to put the pc a.b.163.242 to lwl routing, it works fine.
(To be sure it's really the table lwl and not the standard default routing i
set a different gateway, and i IS table lwl)
If i try that with dsl:
ip rule add from a.b.163.242 table dsl
the packets vanish somewhere in routing, I can't really figure out where.
They don't appear in tcpdump -i ppp0.
But if I don't set a ip rule and do standard routing to dsl with
ip route del default
ip route add default via 217.4.5.6 dev ppp0
all works fine, masquerading included.
Any hints how to get the table dsl working?
-- Marco Dieckhoff icq# 22243433 GPG Key 0x1A6C95BA -- http://www.frankonia-brunonia.de/keys
- Next message: Angus Marshall: "Re: ppp: I (dns) cannot resolve"
- Previous message: Thomas Tuegel: "Re: WvDial/PPPD Dials, Authenticates, and Dies"
- Next in thread: Clifford Kite: "Re: iproute2 source routing with table - masquerading doesn't work"
- Reply: Clifford Kite: "Re: iproute2 source routing with table - masquerading doesn't work"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
