|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] routing question....
|
On Mon, Dec 06, 2004 at 01:24:10AM -0500, Doug Crompton wrote:
> I am switching from PPP to Ethernet (DSL) and in the transition phase it
> would be nice. It seems that different paths - EG. in on PPP out on DSL
> or in on DSL out on PPP does not work. The data flows but the connection
> never establishes. Can't you have different RX/TX data paths?
Asymmetric routing is indeed possible, however two items may be getting
in your way. The first is Linux's return-path verification, which as a
security precaution attempts to permit only symmetric routing. Debian
enables rp_filter by default; I don't know what the default settings are
for other distributions. To disable it, simply execute the following:
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/ppp0/rp_filter
The second item is that your upstream provider may also be implementing
return-path verification to prevent their customers from spoofing packets.
If you suspect this is the case, and if your dialup has a static IP, you
may want to contact them and see if they would be willing to temporarily
permit packets with a source address of your ppp0 through.
> So instead of that, in a system with ppp0 and eth0 can you have the data
> go out the same path in came in on with the same IP- in esscense two route
> defaults. All data that came in on ppp0 goes out on ppp0 and data in on
> eth0 goes out on eth0.
Yes, this is also possible. One solution is to implement policy routing
which will make routing decisions based on the source address rather than
the destination address. As Eric mentioned, the Linux Advanced Routing &
Traffic Control (LARTC) HOWTO is an excellent resource for configurations
such as this, and can be found at lartc.org.
HTH,
-mct
--
perl -e'$u="\4\5\6";sub H{8*($_[1]%79)+($_[0]%8)}sub G{vec$u,H(@_),1}sub S{vec
($n,H(@_),1)=$_[2]}$_=q^{P`clear`;for$iX){PG($iY)?"O":" "forX8);P"\n"}for$iX){
forX8){$c=scalar grep{G@$_}[$i-1Y-1Z-1YZ-1Y+1ZY-1ZY+1Z+1Y-1Z+1YZ+1Y+1];S$iY,G(
$iY)?$c=~/[23]/?1:0:$c==3?1:0}}$u=$n;select$M,$C,$T,.2;redo}^;s/Z/],[\$i/g;s/Y
/,\$_/xg;s/X/(0..7/g;s/P/print+/g;eval' # Michael C. Toren <mct@toren.net>
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|