* [LARTC] Forcing an "external" route
@ 2001-12-07 21:38 David Purves
2001-12-07 22:27 ` bert hubert
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: David Purves @ 2001-12-07 21:38 UTC (permalink / raw)
To: lartc
Here is as wacky a situation as you might find...
Given a linux box with two ethernet cards:
eth0 at ip 192.168.100
eth1 at ip 172.16.1.100,
and an internet "appliance" with two ethernet ports:
p0 at ip 192.168.1.101
p1 at ip 172.16.1.1,
I want to force packets from eth0 <--> eth1 to take the path
eth0 <--> p0 <--> p1<-->eth1.
What I have here is an appliance that I want to run some throughput tests.
The cables are set up eth0 <--> p0 and p1<-->eth1 and work (pings work
just fine)....
no matter what I try, the kernel is too smart for me :-) , and it
routes internally (inside the linux box) instead of entering the outside
world.
Any ideas?
David Purves
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LARTC] Forcing an "external" route
2001-12-07 21:38 [LARTC] Forcing an "external" route David Purves
@ 2001-12-07 22:27 ` bert hubert
2001-12-07 22:38 ` bert hubert
2001-12-07 22:46 ` Greg Scott
2 siblings, 0 replies; 4+ messages in thread
From: bert hubert @ 2001-12-07 22:27 UTC (permalink / raw)
To: lartc
On Fri, Dec 07, 2001 at 03:38:48PM -0600, David Purves wrote:
> I want to force packets from eth0 <--> eth1 to take the path
> eth0 <--> p0 <--> p1<-->eth1.
>
> What I have here is an appliance that I want to run some throughput tests.
>
> The cables are set up eth0 <--> p0 and p1<-->eth1 and work (pings work
> just fine)....
> no matter what I try, the kernel is too smart for me :-) , and it
> routes internally (inside the linux box) instead of entering the outside
> world.
I don't think that this is possible purely with iproute2. You will probably
need at least one extra machine to perform NAT.
Perhaps you can get away with UML (usermodelinux).
Regards,
bert
--
http://www.PowerDNS.com Versatile DNS Software & Services
Trilab The Technology People
Netherlabs BV / Rent-a-Nerd.nl - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LARTC] Forcing an "external" route
2001-12-07 21:38 [LARTC] Forcing an "external" route David Purves
2001-12-07 22:27 ` bert hubert
@ 2001-12-07 22:38 ` bert hubert
2001-12-07 22:46 ` Greg Scott
2 siblings, 0 replies; 4+ messages in thread
From: bert hubert @ 2001-12-07 22:38 UTC (permalink / raw)
To: lartc
On Fri, Dec 07, 2001 at 04:46:00PM -0600, Greg Scott wrote:
> What if you used some iptables rules to DENY packets from eth0 with
> destination ip address 172.16.1.100? I'm thinking you might have to put in
> the rules in the OUTPUT table and catch them on the way out from
> 192.168.1.100. No clue whether or not that will work, but worth a try.
That just drops the packets. You might try some DNAT stuff on the iptables
POSTROUTING chain, perhaps that works. I think it might.
Regards,
bert
--
http://www.PowerDNS.com Versatile DNS Software & Services
Trilab The Technology People
Netherlabs BV / Rent-a-Nerd.nl - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: [LARTC] Forcing an "external" route
2001-12-07 21:38 [LARTC] Forcing an "external" route David Purves
2001-12-07 22:27 ` bert hubert
2001-12-07 22:38 ` bert hubert
@ 2001-12-07 22:46 ` Greg Scott
2 siblings, 0 replies; 4+ messages in thread
From: Greg Scott @ 2001-12-07 22:46 UTC (permalink / raw)
To: lartc
What if you used some iptables rules to DENY packets from eth0 with
destination ip address 172.16.1.100? I'm thinking you might have to put in
the rules in the OUTPUT table and catch them on the way out from
192.168.1.100. No clue whether or not that will work, but worth a try.
- Greg
-----Original Message-----
From: David Purves [mailto:davidpurves@mindspring.com]
Sent: Friday, December 07, 2001 3:39 PM
To: lartc@mailman.ds9a.nl
Subject: [LARTC] Forcing an "external" route
Here is as wacky a situation as you might find...
Given a linux box with two ethernet cards:
eth0 at ip 192.168.100
eth1 at ip 172.16.1.100,
and an internet "appliance" with two ethernet ports:
p0 at ip 192.168.1.101
p1 at ip 172.16.1.1,
I want to force packets from eth0 <--> eth1 to take the path
eth0 <--> p0 <--> p1<-->eth1.
What I have here is an appliance that I want to run some throughput tests.
The cables are set up eth0 <--> p0 and p1<-->eth1 and work (pings work
just fine)....
no matter what I try, the kernel is too smart for me :-) , and it
routes internally (inside the linux box) instead of entering the outside
world.
Any ideas?
David Purves
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
http://ds9a.nl/2.4Routing/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2001-12-07 22:46 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2001-12-07 21:38 [LARTC] Forcing an "external" route David Purves
2001-12-07 22:27 ` bert hubert
2001-12-07 22:38 ` bert hubert
2001-12-07 22:46 ` Greg Scott
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.