I already had this working years ago on another server, but now it wont work correctly.
I have a second routing-table with a default route to the second interface.
I fwmark the http(s) traffic and set a rule that this traffic should use the special routing table.
And indeed the http traffic goes out via eth2 with the right src and destination, as I can see with tcpdump. A syn package [S] goes out - and a reply [S.] comes back in, to the right src ip / port. The firewall is completely open for input over the interface.
BUT, my host does not react to the incoming package [S.]. It does not continue with [.] (what would complete the three-way-handshake I guess, like I can see on other connections over the main interface). Instead after 1s it retries syn [S] and the remote host multiple times repeats its [S.] packages.
So what in all the world is going on? Why does the host's networking not react to the [S.] reply from the target? It's coming in, but not processed..
So strange!? Any relevant changes in Linux (Ubuntu 12.4 LTS) networking since I had such a setup running 5-8 years ago?
[The setup DOES work for traffic coming from outside over that interface, see from rule below!]
I'm running OS X. (OS X Server actually) and right now I use a program called BrickHouse to handle my router configuration. But this program kind of sucks. I'd much rather learn how to configure these programs manually. By these programs, I mean the programs OS X comes with to handle these jobs... (0 Replies)
My system info is show below:-
#uname -a
SunOS qfserver 5.8 Generic_117350-29 sun4u sparc SUNW,Sun-Blade-2500
and I have two network card as shown below:-
#ifconfig -a
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
bge0:... (1 Reply)
Hello list membes
I have a linux running firewall/router machine, connecting LAN to the internet with two interfaces (no load balancing or other connections). One is a fast connection with dynamic IP (ADSL) which is the default route, the other is a static IP (T3) connection (used for mail sever... (4 Replies)
Hello,
I need "devices.common.IBM.ml 1.4.0.0 C F Multi Link Interface Runtime" to be installed on my machine.
I need it for two SAN cards to work correctly.
Where do I get it ?
thanks
Vilius (1 Reply)
Hello, I'm trying to use libcurl multi interface to fetch several data in parallel. I would expect this to be faster than performing repeated fetches using the easy interface, but for some reason I can't obtain any speed up at all: using the multi interface actually turns out to be MUCH slower than... (2 Replies)
Hi all
I have installed a demo version of SCO OpenServer 5.0.2, I finally found it is Desktop Interface, I would like to know how to change its interface to dos based interface?
If you have any ideas, please tell me then. Thank you (2 Replies)
Hi,
We currently operate a DHCP Server on Vxworks system.
It seems that the server is functioning only over the boot interface.
While trying to use it on a different interface the DHCP client messages seems to reach the interface but stay without response.
From a... (1 Reply)
We have two subnets, say 'domA' (192.168.0.0/24) and 'domB' (10.10.0.0/16). These subnets are connected through the router 'router01'. One server 'base01' has two network cards, configured to domA and domB subnets respectively.
Now let's consider a host host01.domA (192.168.0.5) trying to... (0 Replies)
Solaris-9 server is having one primary IP 10.41.161.14 on qfe0 and 10.41.116.0 on qfe3:1. Traffic is going through virtual interface instead of physical interface. How should I force traffic to go with primary interface.
root@smtsrvn01:/# netstat -nr
Routing Table: IPv4
Destination ... (2 Replies)
Hi,
Please help me on issue described below,
I have 4 machine setup, M1 -> M2 -> M3 | M4. And A laptop that can be reachable through both M3 and M4.
M2 has 2 NIC conected to M3 and M4. Now I want to divide the flow coming from M1 for laptop.
At M2, I have done following,... (1 Reply)
Discussion started by: rahulbhansali24
1 Replies
LEARN ABOUT REDHAT
aggregate-ios
AGGREGATE-IOS(1) General Commands Manual AGGREGATE-IOS(1)NAME
aggregate-ios - optimise a concatenated set of cisco/IOS prefix filters to help make them nice and short.
SYNOPSIS
aggregate-ios <source_config >optimised_config
DESCRIPTION
Takes cisco IOS configuration on stdin, and optimises any prefix filters found using aggregate(1). Optimised filters are produced on std-
out.
OPTIONS
None.
DIAGNOSTICS
Any diagnostics produced by aggregate(1) are passed through on stderr.
EXAMPLES
The following configuration fragment:
ip prefix-list AS65530 description Foo, Inc
ip prefix-list AS65530 permit 10.1.0.0/16
ip prefix-list AS65530 permit 10.2.0.0/16
ip prefix-list AS65530 permit 10.2.1.0/24
ip prefix-list AS65530 permit 10.3.0.0/16
ip prefix-list AS65531 description Bar.Com
ip prefix-list AS65531 seq 5 permit 192.168.1.0/24
ip prefix-list AS65531 seq 10 permit 192.168.2.0/24
ip prefix-list AS65531 seq 15 permit 192.168.0.0/19
is optimised as follows:
ip prefix-list AS65530 permit 10.1.0.0/16 le 24
ip prefix-list AS65530 permit 10.2.0.0/15 le 24
ip prefix-list AS65531 permit 192.168.0.0/19 le 24
SEE ALSO aggregate(1)HISTORY
Aggregate-ios was written by Joe Abley <jabley@mfnx.net>.
BUGS
All those in aggregate(1) and then some :)
Joe Abley 2000 November 27 AGGREGATE-IOS(1)