Questions tagged [policy-routing]

Policy-Based-Routing is a more complex form of the ordinary routing table.

With Policy-Based-Routing you can formulate specific rules to get your packets routed differently from the normal main routing table.

You can define rules based on source or destination address, and handle even more complex situations using fwmarks and the iptables mangle:PREROUTING chain, which gives you all the possibilities that iptables offers.

Policy-Based-Routing can also be used to merge Multi-Link PPP uplinks and/or for load balancing as well as traffic shaping.

92 questions
0 votes, 0 answers

routing based on source IP

I am trying to do source-based routing, following the question https://unix.stackexchange.com/questions/131527/routing-based-on-source-ip. The source IP is a floating one and is assigned to a cluster (consisting of 2 servers). Let's say that the physical IP…
user1977050
0 votes, 1 answer

Cisco IOS policy route for router originated VPN traffic

We have a Cisco IOS router with two DSL connections. One of them is intended for general traffic (ADSL), the other for VPN links (BDSL) and various other traffic. So the default route is the ADSL link, and we have a combination of static routes for…
Paul
0 votes, 1 answer

Policy routing script for linux

I am looking for some policy routing script for linux that isn't a part of a firewall, there are tools like shorewall and others but I prefer something more simple. I only need a script that can set a per-service preference on one of my two upstream…
aseques
0 votes, 3 answers

Ubuntu server (VM) with two interfaces. Can only pass traffic on one or the other interface at a time

Let me start with a crude network diagram. Internal Layer 3 switch (Multiple VLANS, including 172.16.220.0 network) --> Internal network (172.16.220.0/24) --> eth1(172.16.220.100)-Ubuntu 10.04 VM-eth0(192.168.1.100) --> NATed network…
fourleggedfish
0 votes, 1 answer

Trying to figure out ssl over a reverse proxy with multiple backends/infrastructure

I'm having a hard time wrapping my mind around ssl with multiple backends. I might just need advice on infrastructure in general. Here is my scenario/question: I have three servers: main website hosting control panel development machine Reverse…
0 votes, 0 answers

Choosing batman-adv interface based on port

I am working on a setup where I have bat0 and bat1 batman-adv networks. When non-mesh clients send packets on a certain port number, I want the connected node to be able to choose bat1 instead of bat0 for those packets. I managed to make this work…
0 votes, 0 answers

packet goes up input chain instead of being forwarded

I am trying to see if I can forward traffic through a loopback interface. The primary reason for me to do this is to see if I can force a route lookup as the packet traverses through the loopback interfaces. I have some eBPF hooks that NATs and…
skp
0 votes, 0 answers

With iptables, is it possible to route only certain domains?

I'm routing specific devices through a separate gateway device that connects to a Tailscale VPN exit node. I'm using this command so my device can act as NAT router to Tailscale: sudo iptables -t nat -A POSTROUTING -o tailscale0 -j MASQUERADE But…
0 votes, 1 answer

How to route a reply packet to the device it coming from?

I have an ipip tunnel, I want all the reply packets coming from ipip device also going through ipip. I have tried the following iptables rules sysctl -w net.ipv4.ip_forward=1 ip rule add fwmark 1 lookup 100 ip route add default dev ipip0 table…
0 votes, 0 answers

Linux Gateway Policy Routing and TCP MSS Issue(maybe)?

I have an Ubuntu 20 machine as an internet gateway with two WANs ens160 and ens192. I switch the default route on the gateway like ip r re 0/0 dev160(or ens192) and the clients on the LAN access the web without any problem. But if I want to let a…
timy
0 votes, 1 answer

How to deal with DNS requests when using multiple OpenVPN connection and policy based route?

I have 2 subnets in my local network (192.168.4.0/24, 192.168.5.0/24), but only 1 gateway server (192.168.4.223) which has 2 OpenVPN connections (10.100.2.6/24, 10.100.3.6/24). The topology is like: I want computers in…
SATMOS
0 votes, 0 answers

EdgeRouter Policy Based Routing not working for second LAN

I have an EdgeRouter ER-8 with the following setup: 3 WANs (eth0 is ISP1, eth1 is ISP2, eth2 is a wireless link to another campus with its own ISP, and it is used to access the remote LAN and as a third and failover-only uplink); and 2 local LANs…
ahpoblete
0 votes, 1 answer

Diagnosing a Linux routing issue: multiple external IPs and several internal subnets with multiple routing tables

This is my first post on Stack Exchange. First, I'd like to thank this community, for over my computer engineering journey I have learned many things here. :) With this post I am mainly looking for direction of how to proceed in diagnosing and fixing…
0 votes, 0 answers

VPN client IP masking

At our company we are facing a particular routing problem, for which I have found many related questions and answers for parts, but not for the whole. This is the scenario: our office has a fixed IP to the outside world this IP is registered to be…
-1 votes, 1 answer

Iptables round-robin through multiple virtual network interfaces

I have a server with two main network interfaces and 5 virtual interfaces like this. eth0 - 192.168.1.1 eth1 - 192.168.3.1 eth1:2 192.168.3.3 eth1:3 192.168.3.4 eth1:4 192.168.3.5 eth1:5 192.168.3.6 eth1:6 192.168.3.7 eth0 is my internal facing…