CanuteTheGreat n00b
Joined: 10 Feb 2007 Posts: 58 Location: Bellingham, WA, USA
Posted: Mon Sep 02, 2013 6:25 pm Post subject: Multihomed routing based on destination port?
Hello,
I am trying to figure out how to change the outbound interface based on the destination port on a Gentoo router.
The network setup is:
eth0 = Internal LAN.
eth2 = Low(er) latency ISP with terrible bandwidth.
eth1 = High latency ISP with good bandwidth.
Currently I have all traffic going out on eth1, but I want a few select connections (ssh, VPN, VoIP, and a few games) to go out on eth2 based solely on the destination ports. All of the multihomed examples I've encountered required knowing the destination/source IP addresses. However, I want this to be more flexible and not be tied to specific IP addresses.
Thank you!
[Edited to change NIC order]
Last edited by CanuteTheGreat on Tue Oct 15, 2013 4:54 pm; edited 1 time in total
massimo Veteran
Joined: 22 Jun 2003 Posts: 1226
CanuteTheGreat n00b
Joined: 10 Feb 2007 Posts: 58 Location: Bellingham, WA, USA
Posted: Tue Oct 15, 2013 5:17 pm Post subject:
That guide appears to do exactly what I wish. However, I have yet to be successful in implementing it...
Here is one snippet that I have tried:
Code: |
iptables -t mangle -A PREROUTING -i eth0 -m state --state NEW -p tcp --dport 22 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i eth0 -m state --state NEW -p udp --dport 22 -j MARK --set-mark 1
ip rule add fwmark 1 table dsl
ip route add default via 192.168.0.1 dev eth2 table dsl
|
A few notes (if it helps) about IP addresses:
eth0 has a static IP of 192.168.1.1
eth1 is dynamically allocated from the ISP and is a publicly accessible IP
eth2 has a static IP of 192.168.0.3, and the ISP-provided modem/router has 192.168.0.1, is set up in bridged mode, and appears to be OK (i.e. inbound ssh works from the public IP of the modem)
Also I get some warnings when using MARK or CONNMARK:
Quote: WARNING: The state match is obsolete. Use conntrack instead.
It appears that CONFIG_IP_ROUTE_FWMARK does not exist, at least in kernels 3.8.x. Has this option been deprecated, replaced, or renamed?
Thank you to anyone who can help!
massimo Veteran
Joined: 22 Jun 2003 Posts: 1226
CanuteTheGreat n00b
Joined: 10 Feb 2007 Posts: 58 Location: Bellingham, WA, USA
Posted: Wed Oct 16, 2013 5:59 pm Post subject:
That contained the bits I was not able to figure out. I wish I had found that one weeks ago. Thank you!
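An added example, not code from this thread or from the guides it refers to: a rule that matches only `NEW` packets marks the first packet of a connection and nothing after it, so this generator tags the whole connection with `CONNMARK` and restores that mark on every LAN packet before the routing decision. Interfaces, gateway, mark 1 and the table name `dsl` come from the thread; the table id 200, masquerading on eth2 and the loose `rp_filter` setting are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Prints the commands instead of running
# them; review the output, then pipe it to `sh` as root to apply.
# From the thread: LAN on eth0, low-latency uplink eth2 via 192.168.0.1, table "dsl".
# Assumptions: fwmark 1, table id 200, LAN traffic is masqueraded on eth2.
LAN_IF=eth0 ALT_IF=eth2 ALT_GW=192.168.0.1 MARK=1 TABLE=dsl TABLE_ID=200

# Usage: gen_port_policy proto/port [proto/port ...]   e.g. tcp/22 udp/22
gen_port_policy() {
    # Validate everything first so a bad spec never yields a partial rule set.
    for spec in "$@"; do
        proto=${spec%%/*} port=${spec#*/}
        case $proto in tcp|udp) ;; *) echo "bad protocol: $spec" >&2; return 1 ;; esac
        case $port in ''|*[!0-9]*|??????*) echo "bad port: $spec" >&2; return 1 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $spec" >&2; return 1; }
    done
    # A named table needs an entry in rt_tables before `ip` can resolve it.
    echo "grep -qw $TABLE /etc/iproute2/rt_tables || echo '$TABLE_ID $TABLE' >> /etc/iproute2/rt_tables"
    echo "ip route add default via $ALT_GW dev $ALT_IF table $TABLE"
    echo "ip rule add fwmark $MARK table $TABLE"
    # Tag the connection (not just its first packet) when it is NEW ...
    for spec in "$@"; do
        echo "iptables -t mangle -A PREROUTING -i $LAN_IF -p ${spec%%/*} --dport ${spec#*/} -m conntrack --ctstate NEW -j CONNMARK --set-mark $MARK"
    done
    # ... then copy the connection mark onto every LAN packet, so later packets
    # of the flow hit the fwmark rule too. This rule must come after the tags.
    echo "iptables -t mangle -A PREROUTING -i $LAN_IF -j CONNMARK --restore-mark"
    # Source-NAT on the alternate uplink so replies return to eth2's address.
    echo "iptables -t nat -A POSTROUTING -o $ALT_IF -j MASQUERADE"
    # Strict reverse-path filtering would drop replies arriving on eth2, because
    # the main table routes their source via eth1. Loose mode (2) relaxes the
    # anti-spoofing check on this interface only.
    echo "sysctl -w net.ipv4.conf.$ALT_IF.rp_filter=2"
}

[ $# -gt 0 ] || set -- tcp/22   # default: ssh, as in the thread's snippet
gen_port_policy "$@"
```

Verify on the router with `ip rule show`, `ip route show table dsl` and `iptables -t mangle -L PREROUTING -v -n`; the packet counters on the `CONNMARK` rules show whether traffic is being matched.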