[LARTC] Multihomed Masquerading, routing and iptables
Rio Martin
rio@martin.mu
Tue, 6 Jan 2004 08:49:38 +0700
On Monday 05 January 2004 19:06, Gordan Bobic wrote:
> On Monday 05 Jan 2004 11:54, Gordan Bobic wrote:
> > On Monday 05 Jan 2004 11:28, Art=C5=ABras =C5=A0lajus wrote:
> > > Gordan Bobic wrote:
> > > > Hmm. Just replace -j MASQUERADE with -j SNAT? Will that not break
> > > > other things?
> > > -j SNAT your_ip
> > Or rather -j SNAT --to-source your_ip. I get it. I'll check if that wor=
ks
> > better than masquerading.
> Just tried it - no difference. Packets still come out with source IP
> address not matching the interface. :-(
Try it switch manually, first you set up without iproute. Remove all the=20
tables you have created and flush it. Try with ISP1 first. Do SNAT --to=20
ip.of.ISP1
Is it work? Okay, now switch to the ISP2. Do SNAT --to ip.of.ISP2.=20
It should be work, otherwise something wrong with the kernel or iptables yo=
u=20
had on your machine.
=46inish this step first, report back to the list.
Regards,
Rio Martin.