[linux] Advanced routing

Ivan Malich malich at decef.elf.stuba.sk
Tuesday October 15 16:49:25 CEST 2002


Greetings...

I have a problem that I somehow can't solve. It concerns fairly special
routing. I think it should work, but I haven't managed to do it.
I followed the instructions in the Advanced Routing HOWTO and the
IP Masquerade HOWTO (even though they don't describe exactly what I want)
and I didn't manage to do it.
I would like to build a router that routes and NATs 2 networks
independently of each other. I'll try to draw a picture, hopefully it
will be understandable:

 +---+ +---+
 |gw1| |gw2|
 +-+-+ +-+-+
   |     | 1.2.3.0/24  +--------+ 10.1.1.0/24
   |     +-------------+ router +------------- lan1
   +-------------------+        +------------- lan2
       1.2.4.0/24      +--------+ 10.1.2.0/24

I need the whole lan1 network to have its default gw set to the address
10.1.1.1 (= the router) and lan2 to 10.1.2.1 (= also the router). The
router would NAT all of it and would send packets from lan1 to gw1 from
the IP 1.2.3.1 and packets from lan2 to gw2 from the IP 1.2.4.1 (both
1.2.x.1 addresses are on the router).

I tried it something like this:

...I created routing tables s1 and s2
# ip route add 10.1.1.0/24 dev eth0 src 10.1.1.1 table s1
# ip route add 1.2.3.0/24 dev eth1 src 1.2.3.1 table s1
# ip route add default via 1.2.3.254 table s1
# ip rule add from 10.1.1.1 table s1
...the same for the 2nd LAN with the corresponding IPs and for eth0:1 and eth1:1
# ip route add default via 1.2.3.254 # global gateway
# iptables -t nat -P POSTROUTING DROP
# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

It worked about halfway. From the side of lan1 and lan2 it behaved the
way I wanted. However, all packets left the router from the address
1.2.3.1 and headed to gw1.

Could someone please advise me how to tell it what I want from it?
Simply, it should look as if there were 2 completely independent
routers there.

Thank you.

Ico

--
Ico <ico at podvodnik.cz> <malich at decef.elf.stuba.sk>
UNIX is user friendly. It's just selective about who its friends are.
Why use Windows, since there's a door???
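
Added example, not part of the original post: the `ip rule add from 10.1.1.1` rule above matches only packets whose source is the router's own address, so forwarded LAN traffic falls through to the main table and its default route via 1.2.3.254. The script below prints commands that select the table by source network and pin the translated address with SNAT instead of MASQUERADE. Assumptions: the gw2 address 1.2.4.254, the rule priorities 100/200 and the helper names are not from the post, and s1/s2 must already be listed in /etc/iproute2/rt_tables.

```shell
#!/bin/sh
# Added example: emit per-LAN policy-routing and SNAT commands for the
# router in the post. eth0 faces the LANs, eth1 faces the gateways
# (eth0:1 / eth1:1 are aliases, so rules name the base interface).
# ASSUMED, not from the post: gw2 = 1.2.4.254, priorities 100/200.

# lan_policy TABLE LAN_NET UPLINK_NET ROUTER_SRC GATEWAY PRIORITY
lan_policy() {
    table=$1; lan=$2; uplink=$3; src=$4; gw=$5; prio=$6
    cat <<EOF
ip route add $lan dev eth0 table $table
ip route add $uplink dev eth1 src $src table $table
ip route add default via $gw dev eth1 table $table
ip rule add from $lan table $table priority $prio
ip rule add from $src table $table priority $((prio + 1))
iptables -t nat -A POSTROUTING -s $lan -o eth1 -j SNAT --to-source $src
EOF
}

# Full command list for both LANs. Each table holds only its own LAN and
# uplink, so a packet from lan1 can never pick the route towards gw2.
router_commands() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    lan_policy s1 10.1.1.0/24 1.2.3.0/24 1.2.3.1 1.2.3.254 100
    lan_policy s2 10.1.2.0/24 1.2.4.0/24 1.2.4.1 1.2.4.254 200
    echo "ip route flush cache"
}

# Dry run: only print the commands. Review them, then pipe to "sh -x" as root.
router_commands
```

The routing decision is taken before POSTROUTING, so the `from <LAN network>` rules see the original 10.1.x.x source and the SNAT rule then rewrites it to the address that belongs to the chosen gateway's subnet.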



