Post by Christoph Haberberg » Mon, 15 Mar 1999 04:00:00


Anyone out there, how knows the iproute2-package??
Where can I get useful informations on that topic (apart from the
useless Mini-HOWTO).

I have serious troubles with iproute2 and multiple ip masquerading!






Post by Colin Guilla » Mon, 15 Mar 1999 04:00:00

ML.ORG is defunct! Get yourself a new email address! :)

If you use a redirector, I have had excellant success with DDNS at

Good luck!

| Colin Guillas        Ringmaster For Commodore Ring |

+----| ICQ#: 19683759 |-----| Ham Radio: VA3CSG |----+


1. iproute2 source routing with table - masquerading doesn't work


I have a router with the following interfaces:

eth0    a.b.163.225 (/27)       internal network
eth1    a.b.167.230 (/29)       routing subnet (university)
ppp0 ptp  DSL (pppoe, dynamic ips, to be masqueraded)

server:~# ip route show dev ppp0  scope link
a.b.167.225 dev eth1  scope link
a.b.167.224/28 dev eth1  proto kernel  scope link  src a.b.167.230
a.b.163.224/27 dev eth0  proto kernel  scope link  src a.b.163.225
a.b.0.0/16 via a.b.167.225 dev eth1
default via a.b.167.225 dev eth1

And i have 2 iproute2-tables "lwl" and "dsl"

server:~# ip route show table lwl
a.b.167.225 dev eth1  scope link
a.b.0.0/16 via a.b.167.225 dev eth1
default via a.b.167.225 dev eth1

server:~# ip route show table dsl dev ppp0  scope link
default via dev ppp0

To avoid other errors I flushed all iptables (and -t nat) and just
inserted a single
iptables -t nat -I POSTROUTING -i eth0 -o ppp0 -j MASQUERADE

If I set a

ip rule add from a.b.163.242 table lwl

to put the pc a.b.163.242 to lwl routing, it works fine.
(To be sure it's really the table lwl and not the standard default routing i
set a different gateway, and i IS table lwl)

If i try that with dsl:
ip rule add from a.b.163.242 table dsl
the packets vanish somewhere in routing, I can't really figure out where.
They don't appear in tcpdump -i ppp0.

But if I don't set a ip rule and do standard routing to dsl with
ip route del default
ip route add default via dev ppp0
all works fine, masquerading included.

Any hints how to get the table dsl working?

Marco Dieckhoff
icq# 22243433
GPG Key 0x1A6C95BA -- http://www.frankonia-brunonia.de/keys

2. Announce: Free Software Search Engine for Your Web Pages

3. iproute2 does not compile with kernel headers > 2.4.2 here

4. upgrading ld.so -- how to?

5. iproute2 + tc help

6. Practicalities of subnets

7. iproute2 source_ip routing problem

8. Possible attack scenario

9. Routing with iproute2 and ipchains - src address wont translate

10. iproute2 & routing table disappears

11. equalize on iproute2

12. iproute2 TC: Prefer UDP

13. Iproute2 problem across networks using NAT and 2 internal networks