Gentoo Forums
Multihomed routing based on destination port?
CanuteTheGreat
n00b


Joined: 10 Feb 2007
Posts: 58
Location: Bellingham, WA, USA

Posted: Mon Sep 02, 2013 6:25 pm    Post subject: Multihomed routing based on destination port?

Hello,

I am trying to figure out how to change the outbound interface based on the destination port on a Gentoo router.

The network setup is:
eth0 = Internal LAN.
eth2 = Low(er) latency ISP with terrible bandwidth.
eth1 = High latency ISP with good bandwidth.

Currently I have all traffic going out on eth1, but I want a few select connections (ssh, VPN, VoIP, and a few games) to go out on eth2 based solely on the destination ports. All of the multihomed examples I've encountered required knowing the destination/source IP addresses. However, I want this to be more flexible and not be tied to specific IP addresses.

Thank you!

[Edited to change NIC order]


Last edited by CanuteTheGreat on Tue Oct 15, 2013 4:54 pm; edited 1 time in total
massimo
Veteran


Joined: 22 Jun 2003
Posts: 1226

Posted: Tue Sep 03, 2013 6:58 am

I guess you're looking for Netfilter & iproute - marking packets.
_________________
Hello 911? How are you?
CanuteTheGreat
n00b


Joined: 10 Feb 2007
Posts: 58
Location: Bellingham, WA, USA

Posted: Tue Oct 15, 2013 5:17 pm

That guide appears to do exactly what I wish. However, I have yet to be successful in implementing it...

Here is one snippet that I have tried:
Code:

iptables -t mangle -A PREROUTING -i eth0 -m state --state NEW -p tcp --dport 22 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i eth0 -m state --state NEW -p udp --dport 22 -j MARK --set-mark 1
ip rule add fwmark 1 table dsl
ip route add default via 192.168.0.1 dev eth2 table dsl


A few notes (if it helps) about ip addresses:
eth0 has a static ip of 192.168.1.1
eth1 is dynamically allocated from ISP and is a publicly accessible ip
eth2 is static ip of 192.168.0.3 and the ISP provided modem/router has 192.168.0.1 and is set up in bridged mode and appears to be ok (i.e. inbound ssh works from the public ip of the modem)

Also I get some warnings when using MARK or CONNMARK:
Quote:
WARNING: The state match is obsolete. Use conntrack instead.


It appears that CONFIG_IP_ROUTE_FWMARK does not exist, at least in kernels 3.8.x. Has this option been deprecated, replaced, or renamed?

Thank you to anyone who can help!
massimo
Veteran


Joined: 22 Jun 2003
Posts: 1226

Posted: Wed Oct 16, 2013 5:37 am

This might be the case; there's another example which might help: http://backreference.org/2012/10/07/policy-routing-multihoming-and-all-that-jazz/
_________________
Hello 911? How are you?
CanuteTheGreat
n00b


Joined: 10 Feb 2007
Posts: 58
Location: Bellingham, WA, USA

Posted: Wed Oct 16, 2013 5:59 pm

That contained the bits I was not able to figure out. I wish I had found that one weeks ago. :D Thank you!
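
Added example, not part of any post in this thread and not taken from the linked article: a dry-run generator for the fwmark approach discussed above, using CONNMARK so that every packet of a matching connection carries the mark, not only the first one. Interface names and the gateway come from the thread; mark 1, table id 100, the sample ports, the MASQUERADE rule and the rp_filter setting are assumptions.

```shell
#!/bin/sh
# Added example: prints (does not run) the commands for port-based policy routing.
# Review the output, then pipe it to `sh` as root to apply it.

emit_policy_routing() {
    lan=$1 wan=$2 gw=$3 mark=$4 table=$5
    shift 5
    # Validate every proto:port spec before emitting anything.
    for spec in "$@"; do
        proto=${spec%%:*} port=${spec#*:}
        case $proto in tcp|udp) ;; *) echo "bad protocol: $spec" >&2; return 1 ;; esac
        case $port in ''|*[!0-9]*) echo "bad port: $spec" >&2; return 1 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $spec" >&2; return 1; }
    done
    # 1. Copy the connection's saved mark onto each packet arriving from the LAN.
    echo "iptables -t mangle -A PREROUTING -i $lan -j CONNMARK --restore-mark"
    # 2. Mark still-unmarked packets that open a new connection to a listed port.
    for spec in "$@"; do
        echo "iptables -t mangle -A PREROUTING -i $lan -p ${spec%%:*} --dport ${spec#*:} -m mark --mark 0 -m conntrack --ctstate NEW -j MARK --set-mark $mark"
    done
    # 3. Save the mark on the connection so later packets pick it up in step 1.
    echo "iptables -t mangle -A PREROUTING -i $lan -m mark --mark $mark -j CONNMARK --save-mark"
    # 4. Marked packets use a separate table whose default route is the second ISP.
    echo "ip rule add fwmark $mark table $table"
    echo "ip route add default via $gw dev $wan table $table"
    # 5. Assumption: LAN traffic is source-NATed on this uplink, and reverse-path
    #    filtering is set to loose mode so replies arriving on it are not dropped.
    echo "iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE"
    echo "sysctl -w net.ipv4.conf.$wan.rp_filter=2"
}

# Thread values: LAN eth0, low-latency ISP on eth2 via 192.168.0.1.
# Constructed sample ports: tcp/22 (ssh) and udp/5060 (assumed VoIP signalling).
emit_policy_routing eth0 eth2 192.168.0.1 1 100 tcp:22 udp:5060
```

A numeric table id is used so that no entry in /etc/iproute2/rt_tables is needed; a named table such as `dsl` must be declared there first.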