[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-net
Subject:    Re: `nexthop` at "ip route" command.
From:       Steffen Moser <lists () steffen-moser ! de>
Date:       2001-08-29 7:27:32
[Download RAW message or body]

Hi,

* On Tue, Aug 28, 2001 at 06:11 PM (-0300), Eduardo wrote:

> I have a router with two interfaces, each one to a different carrier. At 
> the router, my default gateway is to carrier #1. Well, the router is 
> connected directly to a Linux firewall box and I need, depending on  the 
> source information of a packet, to route the packet to carrier #2.
> 
> I think that I can use the 'ip rule' and 'ip route' commands. As the 
> firewall default gateway is the router box, I think that I could set the 
> 'nexthop' parameter at the 'ip route' command to do the correct output 
> interface routing when the packet arrives the router, using a command 
> like this:
> 
> ip route add default via *router-ip* nexthop via *router-device-2-ip*
> 
> But I get the following error:
> 
> *RTNETLINK answers: Invalid argument*
> 
> What this could be?

If you want to do a kind of load balancing based on equal cost multipath 
you can try the "ip route" and "nexthop". But therefore the command line 
should look like:

  ip route add default \
  nexthop via *gateway-ip-1* dev *device-1* \
  nexthop via *gateway-ip-2* dev *device-2*

So IMHO you'll need two "nexthop" statements. 

But I don't think that you really want to do equal cost multipath),
you'll rather need policy routing based on the packet's source address. 

<untested>

So I think you should set up different routing tables and each table has 
its own default gateway string, i.e. something like this: 

  ip route add default via *gateway-ip-1* dev *device-1* table 100

  ip route add default via *gateway-ip-2* dev *device-2* table 200

Then you will need "ip rule" commands which specifies the table each
packet has to use, e.g.:

  ip rule add from <source-address-1> table 100 
  ip rule add from <source-address-2> table 100
    .
    .
    .
  ip rule add from <source-address-10> table 200
  ip rule add from <source-address-11> table 200

</untested>

> Thanks,

I hope that I could help you!

Bye,
Steffen
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[prev in list] [next in list] [prev in thread] [next in thread]