Re: source based routing help needed
- From: wahjava@xxxxxxxxx (Ashish Shukla आशीष शुक्ल)
- Date: Fri, 29 Feb 2008 00:19:50 +0530
Jack Snodgrass writes:
Jack> I've been doing linux for a long time, but never have gotten the hang of
Jack> source based routing. I need to set this up now so I am seeing if someone
Jack> can help me out... I've seen lots of examples using ppp0/ppp1 and ip
Jack> addresses... but I just can't get a handle on this for my setup.
Jack> I have
Jack> eth0 ( local network )
Jack> tun1 ( web server traffic that comes in via a tunnel )
Jack> any traffic that comes in via the tun1 interface needs to go
Jack> back out the tun1 interface.
Jack> any traffic that comes in on the eth0 interface needs to go back
Jack> out on the eth0 interface.
Jack> I have this sort of working using standard routing where the 'default'
Jack> route goes over my tunnel so any web traffic that comes in, goes back
Jack> out that way correctly and I have my private network stuff set up to
Jack> route via eth0. The issue I have with this is that if the web server
Jack> does something like a yum update... the default route uses the tunnel
Jack> and I want it to use the eth0 interface.
I'm a little confused here. If you don't make tunnel 'tun1' the default
route, and make 'eth0' the default instead, what happens? I assume the
following happens, but I'm not sure, so correct me if I'm wrong:
tun1 - 192.168.1.1/24, eth0 - 10.0.2.1/24 (default route)
So if the webserver listening on 192.168.1.1 receives a packet from
10.3.4.5 on tun1, when it replies back, the reply goes out via eth0 (the
gateway), since 10.3.4.5 belongs to none of the local networks. So
there is absolutely no relation between the routing of a packet from
10.3.4.5 and a packet to 10.3.4.5, right?
Jack> How can I get source based routing to work on just the eth0 / tun1
Jack> interfaces?
You need to set up some routing rules.
$tun1_gateway - tun1 gateway IPv4 address
$eth0_gateway - eth0 gateway IPv4 address
$tun1_ip - tun1 IPv4 address
$eth0_ip - eth0 IPv4 address
----8<----8<----
root@host # ip route add default via $tun1_gateway table 100
root@host # ip route add default via $eth0_gateway table 101
root@host # ip rule add from $tun1_ip table 100
root@host # ip rule add from $eth0_ip table 101
---->8---->8----
The above commands will create 2 source-based rules, which basically
intend to route an outgoing packet via the interface corresponding to
the packet's source address.
----8<----8<----
root@host # ip route add default via $eth0_gateway
---->8---->8----
And the above command will choose eth0 as the default route.
For more information, check out LARTC[1].
References:
[1] - http://www.lartc.org/
HTH
- --
Ashish Shukla आशीष शुक्ल http://wahjava.wordpress.com/
·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- --
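
The rule evaluation described in the message, modelled as an added example that is not part of the original post: rules are tried in priority order, a `from` selector picks a table, and the longest matching prefix in that table wins. The interface addresses follow the example in the message; the gateway addresses, rule priorities, sample destinations and the `lookup` helper are assumptions, and the kernel's `local` table is left out for brevity.

```python
import ipaddress

# Interface IPs follow the example in the message; gateways are constructed.
TUN1_IP, TUN1_GW = "192.168.1.1", "192.168.1.254"
ETH0_IP, ETH0_GW = "10.0.2.1", "10.0.2.254"

# Routing tables: name -> list of (destination prefix, gateway or None, device).
TABLES = {
    "100": [("0.0.0.0/0", TUN1_GW, "tun1")],   # ip route add default ... table 100
    "101": [("0.0.0.0/0", ETH0_GW, "eth0")],   # ip route add default ... table 101
    "main": [
        ("192.168.1.0/24", None, "tun1"),      # connected networks
        ("10.0.2.0/24", None, "eth0"),
        ("0.0.0.0/0", ETH0_GW, "eth0"),        # ip route add default via $eth0_gateway
    ],
}

# Policy rules: (priority, source selector, table); lower numbers are tried first.
# Priorities are illustrative; what matters is that both rules precede "main".
RULES = [
    (32764, ETH0_IP + "/32", "101"),           # ip rule add from $eth0_ip table 101
    (32765, TUN1_IP + "/32", "100"),           # ip rule add from $tun1_ip table 100
    (32766, "0.0.0.0/0", "main"),              # built-in "from all lookup main"
]

def lookup(dst, src=None):
    """Return (table, gateway, device); src=None models an unbound local socket."""
    dst_ip = ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(RULES):
        net = ipaddress.ip_network(selector)
        if src is None:
            if net.prefixlen != 0:             # unspecified source matches only "from all"
                continue
        elif ipaddress.ip_address(src) not in net:
            continue
        # Longest-prefix match inside the selected table.
        matches = [r for r in TABLES[table] if dst_ip in ipaddress.ip_network(r[0])]
        if matches:
            best = max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
            return table, best[1], best[2]
    return None                                # no rule produced a route

if __name__ == "__main__":
    print("reply from tun1 address:", lookup("10.3.4.5", src=TUN1_IP))
    print("reply from eth0 address:", lookup("10.3.4.5", src=ETH0_IP))
    print("locally started (e.g. yum):", lookup("203.0.113.10"))
    print("tun1 source to eth0 subnet:", lookup("10.0.2.7", src=TUN1_IP))
```

The last case shows a side effect of tables that hold only a default route: a packet sourced from the tun1 address goes to the tun1 gateway even when its destination is on the directly connected eth0 network.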