advanced nix kernel routing


 
Posted: 03-11-2009

We have the following setup on several linux servers:

eth0 = Internet
eth1 = LAN (10.100.X.X)

For this example let's say we have:

eth0 goes to the internet and the default gateway is set in ifcfg-eth0
Server A has three IPs on the LAN (10.100.0.2, 10.100.22.3, 10.100.33.4)


The gateway is 10.100.9.1.

Naturally, if one IP attempts to access another IP, it is going to take the shortest path.

On Server A, the IP 10.100.0.2 attempts to access 10.100.22.3 or vice versa. We want to FORCE this traffic to go out eth1 on server A and to the gateway. The gateway is filtering traffic, so in this case we may have a rule blocking access from 10.100.0.2 to 10.100.22.3 - or perhaps a permit policy.


ip rule add from 10.100.0.2 table TEST1
ip route add 10.100.0.2 dev eth1 table TEST1
ip route add default via 10.100.9.1 table TEST1

ip rule add from 10.100.22.3 table TEST2
ip route add 10.100.22.3 table TEST2
ip route add default via 10.100.9.1 table TEST2


My understanding of source based routing tells me the above should solve the problem; however, upon adding the default gateway (ip route add default via 10.100.9.1 table TEST1 and ip route add default via 10.100.9.1 table TEST2), traffic doesn't hit the gateway at all.

Do you have any suggestions to resolve this issue - is it even possible?
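
A point to check for the setup described above, as an added example that is not part of the original post: Linux consults its policy rules in priority order, and the built-in rule at priority 0 looks up the `local` table, which holds a route for every address the host itself owns. The sketch below is a simplified model of that lookup (not kernel code); the rule priorities, the `main` table entry, the `dev eth1` on the TEST2 host route and the off-host address 10.100.50.7 are constructed assumptions.

```python
import ipaddress

# Constructed model of Server A from the post (not captured from a real host).
# Each table maps a destination prefix to a short description of the route.
TABLES = {
    "local": {  # the kernel adds a "local" route for every address the host owns
        "10.100.0.2/32": "local dev lo",
        "10.100.22.3/32": "local dev lo",
        "10.100.33.4/32": "local dev lo",
    },
    "TEST1": {"10.100.0.2/32": "dev eth1", "0.0.0.0/0": "via 10.100.9.1"},
    # The post's TEST2 host route names no device; eth1 is assumed here.
    "TEST2": {"10.100.22.3/32": "dev eth1", "0.0.0.0/0": "via 10.100.9.1"},
    "main": {"10.100.0.0/16": "dev eth1"},
}

# (priority, source selector, table). Priority 0 -> local is built in;
# the two "ip rule add from ..." commands land just above the main rule.
RULES = [
    (0, "0.0.0.0/0", "local"),
    (32764, "10.100.22.3/32", "TEST2"),
    (32765, "10.100.0.2/32", "TEST1"),
    (32766, "0.0.0.0/0", "main"),
]


def lookup(src, dst):
    """Walk the rules in priority order; the first table with a matching
    route decides. Within a table the longest prefix wins."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for prio, selector, table in sorted(RULES):
        if src_ip not in ipaddress.ip_network(selector):
            continue  # rule does not apply to this source address
        nets = [ipaddress.ip_network(p) for p in TABLES[table]]
        hits = [n for n in nets if dst_ip in n]
        if hits:
            best = max(hits, key=lambda n: n.prefixlen)
            return prio, table, TABLES[table][str(best)]
    return None  # no rule produced a route


if __name__ == "__main__":
    # Host's own address as destination: decided by rule 0, TEST1 never consulted.
    print(lookup("10.100.0.2", "10.100.22.3"))
    # Off-host destination from the same source: TEST1's default route applies.
    print(lookup("10.100.0.2", "10.100.50.7"))
```

On a real host, `ip rule show` lists the rule order and `ip route get 10.100.22.3 from 10.100.0.2` prints the route the kernel actually selects for that source and destination.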
Match-all classifier in tc(8)          Linux          Match-all classifier in tc(8)

NAME
       matchall - traffic control filter that matches every packet

SYNOPSIS
       tc filter ... matchall [ skip_sw | skip_hw ] [ action ACTION_SPEC ] [ classid CLASSID ]

DESCRIPTION
       The matchall filter classifies every packet that flows on the port and runs an action on it.

OPTIONS
       action ACTION_SPEC
              Apply an action from the generic actions framework on matching packets.

       classid CLASSID
              Push matching packets into the class identified by CLASSID.

       skip_sw
              Do not process filter by software. If hardware has no offload support for this filter, or TC offload is not enabled for the interface, operation will fail.

       skip_hw
              Do not process filter by hardware.

EXAMPLES
       To create ingress mirroring from port eth1 to port eth2:

              tc qdisc add dev eth1 handle ffff: ingress
              tc filter add dev eth1 parent ffff: matchall skip_sw action mirred egress mirror dev eth2

       The first command creates an ingress qdisc with handle ffff: on device eth1, and the second command attaches a matchall filter to it that mirrors the packets to device eth2.

       To create egress mirroring from port eth1 to port eth2:

              tc qdisc add dev eth1 handle 1: root prio
              tc filter add dev eth1 parent 1: matchall skip_sw action mirred egress mirror dev eth2

       The first command creates an egress qdisc with handle 1: that replaces the root qdisc on device eth1, and the second command attaches a matchall filter to it that mirrors the packets to device eth2.

       To sample one of every 100 packets flowing into interface eth0 to psample group 12:

              tc qdisc add dev eth0 handle ffff: ingress
              tc filter add dev eth0 parent ffff: matchall action sample rate 100 group 12

SEE ALSO
       tc(8)

iproute2          21 Oct 2015