iproute2 + multigateway and wrong src address for gateways

Post by M4te » Sun, 05 Nov 2006 06:31:41



Hello!

I've been searching quite long for the answer, but I found only those
docs that I've tried,
so (as the act of desperation :) ) I beg you for help.
So, what is the problem? That is it:

I have 2 internet links from different ISPs. iproute is configured
according to

http://www.ssi.bg/~ja/nano.txt

but there is a problem, wrong src IP is selected:

<code>

204.152.191.6 via 80.53.46.X dev eth3  src 193.24.245.Z
    cache  mtu 1500 advmss 1460 hoplimit 64
</code>

where 80.53.46.X is a GATE on interface eth3 and 193.24.245.Z is the IP
of eth2

It causes the packet to go out via eth3, but the answer comes back via eth2
(depending on SRC_IP),
where the packet can't be matched with any connection, and it's dropped.

Has somebody had something like that? Has somebody solved it?
I'll be very pleased for any kind of response.

TIA

Mateusz Rejek
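
A check for the symptom described in this post, as an added example that is not part of the original thread: it compares the `src` address reported by `ip route get` with the addresses that `ip -o -4 addr show` lists for the egress `dev`. The sample outputs are constructed with documentation address ranges, and the function names are hypothetical.

```python
import re

# Constructed sample of `ip -o -4 addr show` output (documentation ranges).
ADDR_SHOW = """\
4: eth2    inet 198.51.100.10/24 brd 198.51.100.255 scope global eth2
5: eth3    inet 203.0.113.10/24 brd 203.0.113.255 scope global eth3
"""

# Constructed `ip route get` results: the first mirrors the mismatch in the
# post (leaves via eth3 with the eth2 address), the second is consistent.
ROUTE_GET = """\
192.0.2.6 via 203.0.113.1 dev eth3  src 198.51.100.10
    cache  mtu 1500 advmss 1460 hoplimit 64
192.0.2.77 via 198.51.100.1 dev eth2  src 198.51.100.10
    cache  mtu 1500 advmss 1460 hoplimit 64
"""

def parse_addrs(text):
    """Map each local IPv4 address to the interface that owns it."""
    owners = {}
    for line in text.splitlines():
        m = re.match(r"\d+:\s+(\S+)\s+inet\s+([\d.]+)/\d+", line)
        if m:
            owners[m.group(2)] = m.group(1)
    return owners

def parse_routes(text):
    """Yield (destination, dev, src); indented 'cache' lines are skipped."""
    for line in text.splitlines():
        if not line or line[0].isspace():
            continue
        tokens = line.split()
        def value(key):
            return tokens[tokens.index(key) + 1] if key in tokens[:-1] else None
        yield tokens[0], value("dev"), value("src")

def find_mismatches(route_text, addr_text):
    """Return routes whose source address is not owned by the egress device."""
    owners = parse_addrs(addr_text)
    bad = []
    for dest, dev, src in parse_routes(route_text):
        if dev and src and owners.get(src) != dev:
            bad.append((dest, dev, src, owners.get(src)))
    return bad

if __name__ == "__main__":
    for dest, dev, src, owner in find_mismatches(ROUTE_GET, ADDR_SHOW):
        print(f"{dest}: leaves via {dev} but src {src} belongs to {owner}")
```
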

 
 
 

1. Routing with iproute2 and ipchains - src address won't translate

Hi,

I'm trying to get my server to route from/to a specific local machine to an
ADSL router using ipchains forwarding and ip route. The new ADSL router
is connected to my Linux box on a second Ethernet card eth1.

Object of exercise - to enable a specific local PC to talk to the ADSL
Router as though it was directly connected, by selecting the PC's preferred
gateway to be the Linux box.

The two subnets are 10.242.22.0/24:

ADSL router: 10.242.22.161
server eth1: 10.242.22.162

..and 172.18.12.0/24:

server eth0: 172.18.12.2
localpc    : 172.18.12.3
mygateway: 172.18.12.254 <- this is the one I normally use for Internet access
                             and is the default gateway of the Linux box.

First, the ipchains.

#  ipchains -A forward -i eth1 --source 172.18.12.3 -j MASQ --log
#  ipchains -A forward -j DENY --log
#  echo 1 > /proc/sys/net/ipv4/ip_forward

And the routing:

# ip rule add from 172.18.12.3 nat 10.242.22.162 table officepc
# ip route add 10.242.22.0/24 dev eth1 src 10.242.22.162 table officepc
# ip route add default via 10.242.22.161 table officepc

But the source address does not appear to get translated:

# ip route get 53.205.22.69 from 172.18.12.3 iif eth0
53.205.22.69 from 172.18.12.3 via 10.242.22.161 dev eth1  src 172.18.12.2
     cache <masq,src-direct>  mtu 1500 advmss 1460 iif eth0

A sample ipchains log line:
Dec 22 20:50:44 server kernel: Packet log: forward DENY eth0 \
PROTO=1 172.18.12.3:8 53.205.22.69:0 L=60 S=0x00 I=47713 F=0x0000 T=127 (#2)

The packets are being sent out with the un-translated address 172.18.12.2.
I've checked that it works if I set my default gateway to the ADSL router - then
I can happily ping the router from the local pc.

I'm using a stock RedHat 2.4.18-3 kernel and the .config
file appears to have all the right features enabled.

Any help gratefully received...

/Dan
