IP routing with fwmark

From: Luke -Jr
Date: Tue Oct 10 2006 - 16:12:26 EST


Having trouble getting my routing rules to work. Basically, I just want to
lock a connection to use a single network interface. The common and only
method (compatible with IP forwarding) seems to be using CONNMARK to keep
track of the interface each connection is assigned to.
However, for some reason, it appears the Linux IP routing table is not
correctly processing the fwmark rules:

    12: from all fwmark 0xa lookup inet_sbc

Both inet_sbc and main tables have a default route set. If I prepend "prohibit
default" into *either* of the tables (main or inet_sbc), the packet is
dropped. Since a packet only has a single route, this suggests that Linux is
doing two routing lookups, and only processing the fwmark rules in the first
one (which, if not an error, is ignored and overridden by the later lookup).

Any other possibilities, suggestions, ideas, or fixes? Or should I post more
details?

Thanks,

Luke-Jr (CC replies please)
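
An added example (not part of the original post): a simplified Python model of policy-routing rule evaluation, using the fwmark rule quoted in the message, to show which table decides a packet for one lookup versus two. The interface names, the table contents and the two-lookup sequence (unmarked first, then marked 0xa, as when a mark is only restored after a first routing decision) are assumptions made for illustration.

```python
# Simplified model of Linux policy routing: rules are tried in priority
# order; the first rule whose selector matches AND whose table holds a
# matching route decides the packet. Only default routes are modelled.
RULES = [  # (priority, fwmark selector or None, table)
    (0, None, "local"),
    (12, 0xA, "inet_sbc"),   # the rule quoted in the post
    (32766, None, "main"),
    (32767, None, "default"),
]

def make_tables(prohibit_in=None):
    """Constructed tables: a default route in both inet_sbc and main."""
    tables = {"local": [], "default": [],
              "inet_sbc": [("unicast", "dev sbc0")],  # sbc0/eth0: made-up names
              "main": [("unicast", "dev eth0")]}
    if prohibit_in:  # models prepending "prohibit default" to one table
        tables[prohibit_in].insert(0, ("prohibit", None))
    return tables

def lookup(tables, fwmark):
    """One routing lookup for a packet carrying `fwmark`."""
    for _prio, mark, table in sorted(RULES):
        if mark is not None and mark != fwmark:
            continue                  # selector does not match this packet
        if tables[table]:             # first route in the table wins
            kind, via = tables[table][0]
            return (table, kind, via)
    return (None, "unreachable", None)

def route_packet(tables, marks_seen):
    """One lookup per routing decision; `marks_seen` is the mark the packet
    carries at each decision. A prohibit hit in any lookup drops it."""
    path = [lookup(tables, m) for m in marks_seen]
    dropped = any(kind != "unicast" for _t, kind, _v in path)
    verdict = "DROP" if dropped else "via " + path[-1][2]
    return verdict, [t for t, _k, _v in path]

if __name__ == "__main__":
    for where in (None, "main", "inet_sbc"):
        for marks in ([0xA], [0, 0xA]):
            verdict, used = route_packet(make_tables(where), marks)
            print(f"prohibit in {where!s:9} marks {marks}: {verdict} {used}")
```

With a single marked lookup, a prohibit route in main is never consulted; only the two-lookup sequence drops the packet for a prohibit in either table.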