[LARTC] Multi default gateway and 2.4.30
Alexander Samad
alex at samad.com.au
Fri Apr 7 03:33:27 CEST 2006
On Fri, Apr 07, 2006 at 08:27:53AM +1000, Alexander Samad wrote:
> On Fri, Apr 07, 2006 at 08:04:18AM +1000, Alexander Samad wrote:
> > Hi
> >
> > I have just moved my firewall from a 2.6 debian machine to a 2.4.30
> > openwrt (linksys wrt54gs) box.
> >
> > I originally had this working with 2 ISPs, 1 cable 1 ADSL and dyndns.
> >
> > Now when I have moved to 2.4.30 I am having problems. Everything else
> > is working fine except when I DNAT packets from the firewall to an
> > internal address, i.e. my web browser is inside so I DNAT from the
> > external IP to the internal web server.
> >
> > Now I am getting timeouts. Upon investigation, what is happening is that
> > packets are coming in, getting DNAT'ed, the web server is returning
> > them, they get un-DNAT'ed, but a new call to the routing table is made and
> > it seems to bypass the ip rules I have. All traffic that
> > terminates on the external IP is okay and doesn't suffer from the
> > problem.
> >
> > I remember reading about patches for the iproute and the kernel but I
> > haven't kept up to date with those since I started using 2.6
> >
> > Am I missing a patch?
> >
> > Thanks
> >
> >
>
> Had another look through the archives, via Google, and found a thread
> about 2.4.29 and the fact that the default routes shouldn't be in the
> main table.
>
> I have removed the default routes and placed them in the default table
> and things seem to be okay now.
>
> Is this a known problem?

Oops, bumbling fingers typed the wrong addresses in tcpdump; it makes no
difference. It is like ip ru is not being used after un-NATting is
happening.
>
>
> > _______________________________________________
> > LARTC mailing list
> > LARTC at mailman.ds9a.nl
> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc