[rhelv6-list] network problem on RHEL6.3
John Haxby
john.haxby at gmail.com
Wed Jul 4 14:25:54 UTC 2012
On 4 July 2012 13:59, Manuel Wolfshant <wolfy at nobugconsulting.ro> wrote:
> On 07/04/2012 03:46 PM, John Haxby wrote:
>
>>
>> Loose mode reverse path filtering isn't usually recommended, though, not
>> least because asymmetric routing can mess up TCP's flow control. I keep
>> hoping that someone will post a succinct guide to having packets route back
>> through the interface they came in on (I know it can be done, I've just
>> never sat down and worked it out in detail.)
>>
>
> EXTERNAL_INTERFACE1="eth1.5"
> EXTERNAL_INTERFACE2="eth1.6"
> $IPTABLES -t mangle -A PREROUTING -j CONNMARK --restore-mark
> $IPTABLES -t mangle -A PREROUTING -i "$EXTERNAL_INTERFACE1" -j MARK
> --set-mark 2
> $IPTABLES -t mangle -A PREROUTING -i "$EXTERNAL_INTERFACE2" -j MARK
> --set-mark 3
> $IPTABLES -t mangle -A POSTROUTING -j CONNMARK --save-mark
>
>
>
> [root at mail ~]# grep mark /etc/sysconfig/network-**scripts/rule-eth*
> /etc/sysconfig/network-**scripts/rule-eth1.5:fwmark 2 table T1
> /etc/sysconfig/network-**scripts/rule-eth1.6:fwmark 3 table T2
>
>
> The rest is left as exercise for the reader
>
>
Thank you very much!
jch
--
Phear the Penguin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/rhelv6-list/attachments/20120704/e45f2110/attachment.htm>
More information about the rhelv6-list
mailing list