Sun, 25 Oct 2009

Policy-based routing in Linux

Just a quick note.

Most routing is done on the basis of the destination address, unless you have a BGP feed.

However occassionally you need to do routing on the basis of some other policy: in my case this weekend it was the source address.

I spent quite a few hours this weekend looking at various Google results, lartc.org, www.policyrouting.org (the latter has a fairly detailed book with some useful examples) before I came up with a solution that works for me.

ip rule add from <source addr> table 203
ip route add default via <new default> table 203

You can also use the ToS field and act upon fwmarks thus linking your routing with your iptables policy.

[ / software] Trackbacks (0) Comments (0) permanent link permanent link

About

ॐ (aum) - what was, what is and what will be, wildfire's musing

Anand Kumria
wildfire@progsoc.org

Calendar

Topics

• beauty - 1
• blogging - 3
• books - 1
• debian - 7
• edinburgh - 1
• finance - 1
• freedom - 2
• general - 1
• hardware - 3
•   dell - 2
•   disks - 1
• health - 3
• helsinki - 1
• london - 1
•   review - 1
• salsa - 1
• security - 2
• software - 19
•   blosxom - 2
•   gnome - 1
•   moblog - 1
•   ubuntu - 1
•   vcs - 2
•   zeroconf - 1
• sydney - 8
•   isp - 3
• thisisbroken - 1
• travel - 1
• work - 2
•   awayphone - 1
•   general - 1

Subscribe

Subscribe to a syndicated feed of my weblog, brought to you by the wonders of Atom.

Music

 

Blosxom

Rendered in only 0.0820 seconds.

Web Standards