Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 0 replies
  • Subscribers 2 subscribers
  • Views 657 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Policy routing

eageraj
Hi,
I have a question regarding policy routing.
Astaro v7.500

It seems to me not to work properly when returning a packet which has had DNAT applied. (packet returns down default gateway when it goes back to the sender.

The normal GUI policy based routing works fine for IP addresses that terminate on the Astaro, but not if that IP address is DNAT'ed to another box.

I can achieve what I want if I add the following from the command line:
ip route add default via 10.0.4.2 dev eth6 table 100
ip rule add from 1.2.3.4 pref 10 lookup 100
(where 1.2.3.4 is an external public IP address configured on eth6 as an additional IP address)

I have:
eth2 - Primary Uplink
eth3 - Secondary Uplink (configured as failover)
eth6 - 10.0.4.2/30 as point-to-point link and 1.2.3.4

Basically, I want to be able to hit the box (and DNAT past it) from either the Uplink IP address or 1.2.3.4.

Is there any way of adding 'standard' policy based routing (based on source address) instead of doing the Astaro fw-mark method?

Thanks,

Andrew


This thread was automatically locked due to age.