2005-04-14 03:35:18

by Gene Heskett

Subject: iproute/iptables best?

Scenario:

1 machine, two net cards, two networks

How can we make the reply to an action go back out through the route
it came in on? As it exists, queries, ssh sessions etc. coming in
thru a vpn from one router are being replied to on the default
gateway's card that hits the other network.

Is iptables the best tool, or is iproute2 the best tool to do this?

Pointers to good docs etc appreciated. Thanks.

--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.34% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.


2005-04-14 06:54:10

by bert hubert

Subject: Re: iproute/iptables best?

On Wed, Apr 13, 2005 at 11:35:12PM -0400, Gene Heskett wrote:
> How can we make the reply to an action go back out through the route
> it came in on? As it exists, queries, ssh sessions etc. coming in
> thru a vpn from one router are being replied to on the default
> gateway's card that hits the other network.

Sometimes Linux can't (and shouldn't) figure out the "right" interface. In
this case, you need policy routing:

http://lartc.org/howto/lartc.rpdb.multiple-links.html
http://lartc.org/howto/lartc.rpdb.html

Good luck!

--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
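
The policy-routing setup bert points to, as an added shell example (it is not code from the thread or from the LARTC howto); the interface names, addresses, gateway and table number are constructed:

```shell
#!/bin/sh
# Added example (not from the thread): source-address policy routing with
# iproute2. Replies to anything that arrived on the second NIC carry that
# NIC's address as source, so a rule keyed on that source address sends them
# out via a dedicated table whose default route uses that NIC's gateway.
set -eu

# Emit the iproute2 commands for one interface. Arguments: interface, its
# address, its network in CIDR form, its gateway, and a spare table number.
policy_route_cmds() {
    iface=$1; addr=$2; net=$3; gw=$4; table=$5
    # connected route first, so hosts on that subnet are reachable from the table
    printf 'ip route add %s dev %s src %s table %s\n' "$net" "$iface" "$addr" "$table"
    printf 'ip route add default via %s dev %s table %s\n' "$gw" "$iface" "$table"
    # packets sourced from this NIC's address consult the new table
    printf 'ip rule add from %s table %s\n' "$addr" "$table"
    # older kernels cache routing decisions; flush so the rule takes effect
    printf 'ip route flush cache\n'
}

# Show the commands by default (DRY_RUN=1); set DRY_RUN=0 to apply them as root.
apply_policy_route() {
    if [ "${DRY_RUN:-1}" = 1 ]; then
        policy_route_cmds "$@"
    else
        policy_route_cmds "$@" | sh -e
    fi
}

# Constructed scenario: eth0 keeps the default gateway in the main table;
# eth1 faces the VPN router on 192.168.2.0/24 and gets table 100.
apply_policy_route eth1 192.168.2.10 192.168.2.0/24 192.168.2.1 100
```

If the VPN terminates on a tunnel interface rather than directly on the second card, the same rule is keyed on that tunnel's local address instead.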

2005-04-14 15:29:12

by Chris Friesen

Subject: Re: iproute/iptables best?

bert hubert wrote:
> On Wed, Apr 13, 2005 at 11:35:12PM -0400, Gene Heskett wrote:
>
>> How can we make the reply to an action go back out through the route
>> it came in on?
>
> Sometimes Linux can't (and shouldn't) figure out the "right" interface. In
> this case, you need policy routing:

Yep. iproute2 with policy routing should handle it. I've been using it
for about 4 years now.

Chris