[LARTC] source routing does not work with extra ip addresses
richard lucassen
mailinglists at lucassen.org
Sat Apr 8 12:30:17 CEST 2006
I set up this config:
  +------+
 -+ ISP1 +--+
  +------+  |  +-------+
            +--+ linux |
  +------+  |  +-------+
 -+ ISP2 +--+
  +------+
No problem. Standard setup with two ISPs. Both routed subnets. Default
gateway is ISP1. No magic here.
Now I put a server behind the Linux box. I want the server to be
reachable on an /extra/ IP in the routed subnet of ISP2.
  +------+
 -+ ISP1 +--+
  +------+  |  +-------+  +-----------------+
            +--+ linux +--+ server 10.0.0.2 |
  +------+  |  +-------+  +-----------------+
 -+ ISP2 +--+
  +------+
router ISP2: 1.2.3.1/24
dev ISP2: eth1
Linux box eth1: 1.2.3.2/24
external ip ISP2 for server 10.0.0.2: 1.2.3.3
arp -s 1.2.3.3 aa:bb:cc:dd:ee:ff pub
ip route add 1.2.3.3 via 10.0.0.2
iptables -t nat -A PREROUTING -i eth1 -d 1.2.3.3 -j DNAT --to 10.0.0.2
When pinging 1.2.3.3, the packets get in through eth1 (ok), but the
replies are following the default route through eth0 (wrong).
Even a
ip rule add from 1.2.3.3 lookup table_eth1
doesn't change this behaviour. It is working ok when I add the address
1.2.3.3 directly to eth1:
ip a a 1.2.3.3 dev eth1
Why is this?
R.
--
___________________________________________________________________
It is better to remain silent and be thought a fool, than to speak
aloud and remove all doubt.
+------------------------------------------------------------------+
| Richard Lucassen, Utrecht |
| Public key and email address: |
| http://www.lucassen.org/mail-pubkey.html |
+------------------------------------------------------------------+