Re: Dual WAN set-up

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Mon, 16 Jan 2012 08:56:23 -0600, Dimitri Yioulos <dyioulos@xxxxxxxxxxxxx> wrote:

Before I commit this new set-up, I'd like to post the ste-by-step
instructions I wrote up for your kind review:

I don't quite understand your network configuration, but the ideas we provided on split-access to uplinks should adaptable to any situation.

Under this set-up, don't I need to add POSTROUTING AND FORWARDING
rules?  Sorry for my stupidity, but I set the original up a long
time ago, and certainly don't know all there is to know.  Your
continued patience and support are greatly appreciated.


The PREROUTING chain of the mangle table will handle the marking of new connection packets as well as recovery of the connection mark to the packet mark.  There should be no other iptables stuff required to mark the packets, and "ip rule add fwmark..." will handle sending the marked packets to the right routing table.

I think you are doing SNAT, which uses POSTROUTING chain.  You you will want to keep that.

Others here are much more knowledgeable and may have more comments.
--
Lloyd
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Linux Netfilter Development]     [Linux Kernel Networking Development]     [Linux Networking Development]     [Linux Kernel Development]     [Linux Resources]     [LARTC]     [Bugtraq]     [Consulting]     [Free Internet Dating]     [Yosemite Forum]     [Photo]

Add to Google Powered by Linux