Re: One machine, two net feeds, outbound route selection
Ben Scott wrote:
> On 10/25/07, Peter Rabbitson <rabbit+list@xxxxxxxxx> wrote:
>> Unfortunately not easy without doing local NAT (from the local interface to another local interface).
>
> I thought that might be the case. I even started to write a rule about how the NAT might work... but then I ran into brain pain trying to figure out how, because I didn't know when the packets get what address/interface info assigned to them, and I didn't know how SNAT would interact with the routing tables. Normally, I do SNAT in the POSTROUTING chain, but by then the routing rules have already run, right? So the packet would still be bound for the wrong interface, even if the source address is translated. No?
I was not thorough enough. The NAT is necessary in order to make the packet come back through the link/interface you want (because, as I noted previously, you do not have control over the choice of a source address). Once this is out of the way, the only problem is how to make an already routed packet leave via a different interface. One way to do this is the ROUTE target: http://netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-4.html#ss4.5 There might also be other ways to do this, but I never investigated, as this is a mostly theoretical exercise.
Peter
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc