Pushing a packet back and forth between Linux subsystems - Zugschlusbeobachtungen

Linux policy routing is still incredibly painful if one wants more sophisticated routing than just “take source and destination IP address for the routing decision”. The mechanisms that were in use seven years ago still work though, and I didn’t find any way to do it more easily. In this article, I’ll try to explain the “old” mechanisms and hope that somebody from lazyweb will comment and say “it can be done so much easier”. This is a translation of the Usenet article <gu48cs$rul$1@news1.tnib.de> in de.comp.os.unix.networking.misc in the hope that the English-speaking blogosphere can give additional insights.

Given: a Linux-based router with one internal network (int0), one perimeter network (per0) and two Internet connections (ext0, ext1) with one IP address each. We need to do source NAT to deliver Internet access to the internal and perimeter networks. The Internet connection on ext0 will be used for http and https, while all other traffic needs to go out on ext1.
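One common way to meet these requirements is to mark web traffic in netfilter and select a routing table by that mark. The sketch below is an added example, not code from the original article; the gateway addresses, mark value, table number and rule priorities are assumptions, and it prints the commands for review unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example: fwmark-based policy routing for the router described above.
# Assumptions (not from the article): gateways, mark 1, table 100, priorities.
GW_EXT0="${GW_EXT0:-192.0.2.1}"      # constructed placeholder: next hop on ext0
GW_EXT1="${GW_EXT1:-198.51.100.1}"   # constructed placeholder: next hop on ext1
WEB_MARK=1                           # assumed fwmark for http/https packets
WEB_TABLE=100                        # assumed routing table for marked packets

# Print the commands instead of running them, so the rule set can be reviewed.
policy_routing_cmds() {
    # Main table: everything without a mark leaves via ext1.
    echo "ip route replace default via $GW_EXT1 dev ext1"
    # Extra table: default via ext0, consulted only for marked packets.
    echo "ip route replace default via $GW_EXT0 dev ext0 table $WEB_TABLE"
    # Connected routes (int0 <-> per0) must win even for marked packets.
    echo "ip rule add priority 100 lookup main suppress_prefixlength 0"
    echo "ip rule add priority 200 fwmark $WEB_MARK lookup $WEB_TABLE"
    # Mark forwarded http/https from both inside networks before routing.
    for ifc in int0 per0; do
        echo "iptables -t mangle -A PREROUTING -i $ifc -p tcp -m multiport --dports 80,443 -j MARK --set-mark $WEB_MARK"
    done
    # Replies on ext0 fail a strict reverse-path check (unmarked lookup says ext1).
    echo "sysctl -w net.ipv4.conf.ext0.rp_filter=2"
    # Source NAT on whichever uplink the routing decision selected.
    for ifc in ext0 ext1; do
        echo "iptables -t nat -A POSTROUTING -o $ifc -j MASQUERADE"
    done
}

# Apply only when explicitly requested (needs root); the default is a dry run.
if [ "${APPLY:-0}" = 1 ]; then
    policy_routing_cmds | while read -r cmd; do $cmd; done
fi
```

This covers forwarded traffic only; connections originating on the router itself pass through the OUTPUT chain and follow the main table's default via ext1.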
