I have a solution where a system can have multiple physical interfaces but a single IP address. I am looking to insert a Squid proxy (that will also perform source NAT), but the return packets must go back to the correct interface.
Client network is 10.x.x.x
Network between the gateway and Squid box (where I am trying to install this routing) is 2.0.0.0/24
Squid box has eth2 0.0.0.0
Bridge interface br0 with eth2 as a member and IP address 2.0.0.2/24
The Squid box then has a second interface on public IP eth3
Default route is via eth3
Add a route back to the client network:
The issue seems to be that the mark is not being restored. A tcpdump on the interfaces shows the flows being forwarded correctly, but without the MAC mangling taking place.
Any thoughts on where I am going wrong?
Last edited by Scott; 03-18-2014 at 09:19 PM..
Reason: Please use code tags; Moderator please add code tags
Sounds like something we did to avoid manual router config for odd IP destinations: add entries to the ARP server on any local host so packets to an additional IP device installed in a host on the local net would be directed on that host's local net IP/MAC. Once these packets rise through the ethernet layer into the IP Stack, it recognizes them as local and delivers them without IP forwarding.