Re: routing problem

To: debian-firewall@lists.debian.org
Subject: Re: routing problem
From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
Date: Wed, 05 Dec 2007 01:29:53 +0100
Message-id: <[🔎] 4755F101.6060600@plouf.fr.eu.org>
In-reply-to: <[🔎] 5bd2109b0712041003n74a27aacocd7194176841a143@mail.gmail.com>
References: <[🔎] 5bd2109b0712040044v49d4eedpfcdf7d4a9be54ff8@mail.gmail.com> <8f9273ab0712040548nce80734se4d0a6d8f963fe9e@mail.gmail.com> <[🔎] 5bd2109b0712040617i1e05d8d5uf6fb4d14d0a35f47@mail.gmail.com> <[🔎] 8f9273ab0712040701k2ef92b7eq84e3c1c74ce74309@mail.gmail.com> <[🔎] 5bd2109b0712041003n74a27aacocd7194176841a143@mail.gmail.com>

Hello,

Alexandr Shurigin a écrit :

ok example

ethrnet ip / gateway 87.224.234.XX / 87.224.234.1(metric 10)

pppoe exaple ip(every reconnect are ifferent ip and gateways) =
212.122.43.12 / 212.122.43.6(metric 1)

i want allow users be available to work with 87.224.234.XX .

similar proble with two ethernet cards. which can be resolved with

[advanced routing as usual]

A similar method will work with a PPP link.

but for this method i must know gateway of any device. but it is different
every connect pppoe :(

Actually the gateway information is mostly irrelevant on a point topoint link. The interface name is what really matters : anything yousend on a PPP link goes to the peer (the "gateway") anyway. So


 ip route add default via 212.122.43.6 dev ppp0

and

 ip route add default dev ppp0

are equivalent.

Besides, I believe you don't really need a dedicated routing table forthe PPP link. Just leaving the PPP default route in the main routingtable (created by the 'defaultroute' pppd option) and using a dedicatedrouting table for the ethernet interface should work fine.

However if you really want a dedicated routing table for the PPP link,the routes and rules related to the PPP interface and address have to becreated every time the PPP session is established and deleted when thesession terminates. This can be done in executable shell scripts placedin /etc/ppp/ip-up.d/ and /etc/ppp/ip-down.d/, in which you can usevariables containing the interface name, local and remote addresses...See the /etc/ppp/ip-up and /etc/ppp/ip-down scripts for details. E.g. :


/etc/ppp/ip-up.d/routing :
#!/bin/sh
ip route add default dev $PPP_IFACE table PPP
ip route add $PPP_REMOTE dev $PPP_IFACE table ETH1
ip rule add from $PPP_LOCAL pri 200 table PPP
iptables -t nat -A POSTROUTING -o $PPP_IFACE -j SNAT --to $PPP_LOCAL

/etc/ppp/ip-down.d/routing :
#!/bin/sh
ip rule del from $PPP_LOCAL pri 200 table PPP
# no need to remove routes related to the PPP interface, they are
# automatically deleted when the interface goes down
iptables -t nat -D POSTROUTING -o $PPP_IFACE -j SNAT --to $PPP_LOCAL

Reply to:

References:
- routing problem
  - From: "Alexandr Shurigin" <alexandr.shurigin@gmail.com>
- Re: routing problem
  - From: "Alexandr Shurigin" <alexandr.shurigin@gmail.com>
- Re: routing problem
  - From: "Sami kamel" <sami.kamel@gmail.com>
- Re: routing problem
  - From: "Alexandr Shurigin" <alexandr.shurigin@gmail.com>

Prev by Date: Re: routing problem
Next by Date: Re: routing problem
Previous by thread: Re: routing problem
Next by thread: Re: routing problem
Index(es):
- Date
- Thread