I get following error while run the command<br>iptables -t mangle -A FORWARD -m u32 --u32 "16&0x0001=0x0000" -j MARK --set-mark 0x10<br><br>error> iptables v1.2.11: Couldn't load match `u32':/lib/iptables/libipt_u32.so: cannot open shared object file: No such file or directory
<br><br>I m using FC3 Linux Kernel 2.6.9-1.667 <br><br>Any further pointer?<br><br>---------- Forwarded message ----------<br>From: Marek Kierdelewicz <<a href="mailto:marek@piasta.pl">marek@piasta.pl</a>><br>To: <a href="mailto:lartc@mailman.ds9a.nl">
lartc@mailman.ds9a.nl</a><br>Date: Sun, 2 Sep 2007 13:33:11 +0200<br>Subject: Re: Re: [LARTC] 2 ISP connection sharing problem<br>Hi,<br><br>>Thats fine but primary problem is that only one connection is used at a<br>>time but I want to utilize both at the same time. Please guide
<br><br>You have iptables based options to solve this problem:<br><br>1) You can use u32 module to mark and then route packets based on the<br>destination address<br><br>example use of u32:<br>$IPT -t mangle -A FORWARD -m u32 --u32 "16&0x0001=0x0000" -j MARK
<br>--set-mark 0x10<br>(packets to addresses with last bit UNSET will be marked with 0x10<br>value)<br><br>$IPT -t mangle -A FORWARD -m u32 --u32 "16&0x0001=0x0001" -j MARK<br>--set-mark 0x11<br>(packets to addresses with last bit SET will be marked with 0x10
<br>value)<br><br>Then you add routing policy rules:<br>ip ru add fwmark 0x10 table T1 prio 100<br>ip ru add fwmark 0x11 table T2 prio 100<br><br>2) You can use statistics and connmark module to balance connections<br>between two links
<br><br>Sorry, no fish here, only fishing rod. I don't have a working config<br>similar to what you need and making something up would be to time<br>consuming.<br><br>connmark module: <a href="http://home.regit.org/?page_id=7">
http://home.regit.org/?page_id=7</a><br><br>statistic module: it's poorly documented, but you can use it like<br>that...<br>"-m statistic --mode random --probability PERCENT"<br><br>Basic idea is to mark some percent of NEW connection with mark 0x10
<br>and rest with 0x11. Then you add policy routes like in example above.<br><br>Good luck.<br><br>Cheers,<br>Marek Kierdelewicz<br>KoBa ISP