Linux as multi-WAN gateway/router. Problem routing traffic through the right NICs.

BodaZsombor · 10-18-2012, 12:55 PM

Hello,

this is a rather simple question, I'm afraid. If English was my native language, I'd have done some more searching on the internet, but I even lack the keywords to look for in first place. Please bear with me this one time.

How do I tell my (Debian 6) Linux gateway (eth0: LAN, eth1: WAN1, eth2: WAN2) to route/redirect traffic on port 1000 from eth0 to eth1 (and vice versa) and traffic on port 2000 from eth0 to eth2 (and vice versa)?

Thank you.

hamlindsza · 10-20-2012, 08:42 AM

Hi,

Quote:

Originally Posted by BodaZsombor

How do I tell my (Debian 6) Linux gateway (eth0: LAN, eth1: WAN1, eth2: WAN2) to route/redirect traffic on port 1000 from eth0 to eth1 (and vice versa) and traffic on port 2000 from eth0 to eth2 (and vice versa)?

You can do this with the help of iproute2. You can get detailed information on iproute2 from here: http://lartc.org/howto/lartc.iproute2.html

First make sure you have iproute2 installed, if not install:

Code:

apt-get install iproute2

Then create routing tables for each WAN Link.

Code:

echo "1 WAN1" >> /etc/iproute2/rt_tables
echo "2 WAN2" >> /etc/iproute2/rt_tables

Specify the default route for each table, with the actual gateway of WAN1 & WAN2

Code:

ip route add default via <WAN1's GATEWAY> dev eth1 table WAN1
ip route add default via <WAN2's GATEWAY> dev eth2 table WAN2

Mark the packets you want to route. You've not mentioned if 1000 & 2000 is the source or destination port. In the below example ive mentioned as the destination port.

Code:

iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 1000 -j MARK --set-mark 1
iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 2000 -j MARK --set-mark 2

Code:

ip rule add from all fwmark 1 table WAN1
ip rule add from all fwmark 2 table WAN2

Happy Routing