netdev
[Top] [All Lists]

Policy based routing with fwmark clause?

To: Netdev <netdev@xxxxxxxxxxx>
Subject: Policy based routing with fwmark clause?
From: "Maxim E. Zimovets" <Zimovets@xxxxxxxxxxx>
Date: Tue, 18 Jul 2000 15:27:30 +0600
Organization: UralAvaiInform
Sender: owner-netdev@xxxxxxxxxxx
Hi all

I've tried to make policy based routing with ip and ipchains. My config
is as follow:
Slackware Linux 7.0 with kernel v 2.2.15,
iproute2-2.2.4-now-ss000225,
ipchains v 1.3.9
Memory 64MB
NIC - rtl8139

When I try to route with following config everything is fine:
ip route add 0/0 via 1.1.1.1 table 5
ip rule add from 2.2.2.2 table 5 pref 100

ip rule show gives as expected:
0:           from all lookup local
100:      from 2.2.2.2 lookup 5
32766: from all lookup main
32737: from all lookup default
It's Ok and works fine.

When I try to setup more granular routing with ipchains:
ipchains -A input -i eth2 -p tcp -s 2.2.2.2/32 45000 -d 0/0 -m 2
ip route add 0/0 via 1.1.1.1 table 5
ip rule add fwmark 2 table 5 pref 100

I got this output  from ip rule show:
0:           from all lookup local
100:      from all lookup 5
                      ^^^^
                         ??
32766: from all lookup main
32737: from all lookup default
and Linux tried to route all the packets it got via table 5 despite of
ipchains at all.

What is wrong? Or may be what do I do wrong?
Any suggestions are welcome
Maxim
--
This mail reflects the personal opinion of the author. It can differ
from the opinion of his employer.

Maxim Zimovets
Network Administrator
Zimovets@xxxxxxxxxxx



<Prev in Thread] Current Thread [Next in Thread>