I am working on a 2 router system. The routers are connected via a dedicated link. Each router has a local network that it serves, and an internet provider. One internet provider is the default for all traffic. The other is new, and intended as backup, and use for hosting a couple sites.

I have the routers talking, and both can access the internet (through the default provider). Where I have a problem is routing traffic to a specific machine on the new provider.

For testing, I am sending ssh traffic to a netbook I hooked up to the network. I'm using tcpdump, and see the traffic come in through the provider. I see it hit the netbook. But all the traffic goes out the default route.

I know the problem lies in the policy rotuing, which I thought I had setup right. Since it's not working, I obviously missed something.

My policy for the new provider setup like this:

ip rule show
ip route show table net2
If you need more, let me know. I did change the default to go out net2 for everything, and that worked. So this should work, in theory.

Thanks for the help.

Edit:
I should add, that all the traffic I see going out eth0 (my router link and default route) for my test ssh forward, the from is showing 10.42.30.34. So, judging by the ip rule show, it should be hitting the net2 table first.

I know what the problem is. I'm working with NAT to make sure all the traffic gets routed correctly back to where it belongs. I'm using iptables, and that's a POSTROUTING command. So, the packets are technically getting routed the correct direction as the from address is getting changed after the route is determined.

Unfortunately, that's not what I need to happen. I'm really trying to figure all this out. I'm basically copying the router setup from what we currently have. But I'm starting to think that I'll need to rework it completely. Any ideas? Maybe I don't need the POSTROUTE MASQUERADE?