Re: Multihomed with two separate ISPs and strange routing problems with iptables ...
From: Adam Pearse (firstname.lastname@example.org)
From: "Adam Pearse" <email@example.com>
Date: Wed, 5 Jun 2002 11:32:26 -0600

I figured it out with a little more searching on Google :-) Here is what I
did in case anyone cares:

iptables -t mangle -A OUTPUT -p tcp --sport 80 -j MARK --set-mark 1
ip rule add fwmark 1 table 100 pref 1000
ip route add default via 126.96.36.199 dev eth1 table 100

So I left my default route on the 139 interface and created a special
routing table for the second interface based on http traffic coming in on
it. The other major difference is I was using PREROUTING instead of OUTPUT
on my iptables statement.

"Adam Pearse" <firstname.lastname@example.org> wrote in message
> Hello, I am wondering if anyone would mind answering my question. I have
> server with two interface cards, each connected to a separate ISP. I run
> Counter Strike from one of the interfaces while I run Apache off the
>
> 1st interface: 188.8.131.52 with a default gateway of 184.108.40.206
> running Counter Strike (port 27015). This connection is a 10 Mbp pipe.
> 2nd interface: 220.127.116.11 with a default gateway of 18.104.22.168
> Apache web server (port 80). This connection is a T1.
>
> What is happening is when ppl join my counter strike server via the
> 22.214.171.124 interface, the outgoing packets (for some reason) are
> leaving out the 126.96.36.199 interface which is only a T1 causing a great
> deal of lag. I am attempting with iptables to force all traffic that came
> 188.8.131.52:27015 to go back out the same interface it came in on.
> is the commands I am using but they are not working ... Can anyone see
> I am doing wrong here?
>
> This is done once:
> echo 201 http.out >> /etc/iproute2/rt_tables
>
> This is done in my S99local
> echo 0 > /proc/sys/net/ipv4/conf/eth1/rp_filter
> iptables -A PREROUTING -t mangle -p tcp --sport 80 -j MARK --set-mark 1
> iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source 184.108.40.206
> ip rule add fwmark 1 table http.out prio 101
> /sbin/ip route add default via 220.127.116.11 dev eth1 table http.out
> ip route flush cache
>
> I am using Redhat 7.3, kernel build 2.4.18-4. I do not understand why CS
> traffic is still going out the eth1 interface. Anyone?
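
Added example, not part of the original posts: a simplified Python model of why the mark has to be set in mangle OUTPUT for replies generated on the server itself, since those packets never cross PREROUTING. The device name eth0, the sample packets and the one-default-route-per-table layout are assumptions for illustration.

```python
"""Simplified model of netfilter hooks + fwmark policy routing (not kernel code)."""

# Which mangle chain a packet crosses before its route is chosen.
HOOK = {"wire": "PREROUTING",   # arrived on a NIC, e.g. a client's request
        "local": "OUTPUT"}      # generated on this host, e.g. Apache's reply

def apply_mangle(mangle_rules, pkt):
    """Return the fwmark left on pkt by '-p PROTO --sport N -j MARK' rules (0 = none)."""
    mark = 0
    for chain, proto, sport, set_mark in mangle_rules:
        if chain == HOOK[pkt["origin"]] and (proto, sport) == (pkt["proto"], pkt["sport"]):
            mark = set_mark
    return mark

def egress_dev(mangle_rules, ip_rules, tables, pkt):
    """Device a locally generated packet leaves by: lowest-pref matching rule wins."""
    mark = apply_mangle(mangle_rules, pkt)
    for _pref, fwmark, table in sorted(ip_rules, key=lambda r: r[0]):
        if fwmark is None or fwmark == mark:
            return tables[table]
    raise LookupError("no matching rule")

# Default-route device per table. eth0 is an assumed name for the first ISP's NIC.
TABLES = {"main": "eth0", "100": "eth1"}
# 'ip rule add fwmark 1 table 100 pref 1000', then the built-in main rule.
IP_RULES = [(1000, 1, "100"), (32766, None, "main")]
FIXED = [("OUTPUT", "tcp", 80, 1)]        # mark set in mangle OUTPUT
BROKEN = [("PREROUTING", "tcp", 80, 1)]   # same match, but in mangle PREROUTING

# Constructed sample packets (ports other than 80 and 27015 are made up).
HTTP_REQUEST = {"origin": "wire", "proto": "tcp", "sport": 40000, "dport": 80}
HTTP_REPLY = {"origin": "local", "proto": "tcp", "sport": 80, "dport": 40000}
CS_REPLY = {"origin": "local", "proto": "udp", "sport": 27015, "dport": 27005}

if __name__ == "__main__":
    for name, rules in (("OUTPUT", FIXED), ("PREROUTING", BROKEN)):
        print(name, "http reply ->", egress_dev(rules, IP_RULES, TABLES, HTTP_REPLY),
              "| cs reply ->", egress_dev(rules, IP_RULES, TABLES, CS_REPLY))
```

On a live host, `ip rule show` and `ip route show table 100` list the rule and route that this model stands in for.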