Re: ip route load distribute

[mike808@users.sourceforge.net]

Instead of doing this the "hard way", have you thought about installing
Shorewall and checking out their multi-homed guidelines?

Then, experiment with a Shorewall setup. After it's working, you can examine the
iptables rules and chains and see what it actually did under the covers of those
wonderfully simple and easy to understand configuration files.

Just a thought. Tom Eastep is a pretty smart guy. And if Shorewall can't do what
you want, send a letter to the Shorewall mailing list and ask how to accomplish
what you're describing. Then set it up per above and look at the resulting rules
to reverse engineer an optimized iptables script for your setup.

Do any of these look familiar or are helpful?
http://www.shorewall.net/Multiple_Zones.html
http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html

Ah. A D'oh moment.

Searching the Shorewall site and archives, I find:
  http://lists.shorewall.net/pipermail/shorewall-users/2003-May/006239.html
And Tom's response:
  http://lists.shorewall.net/pipermail/shorewall-users/2003-May/006240.html

Summary: It's a routing issue, not an iptables issue. See LARTC 4.2.1.

http://lartc.org/howto/lartc.rpdb.multiple-links.html

Is *that* what you're looking for? :=)

Mike/


---------------------------------------------
http://www.valuenet.net



-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.