
Hi everyone,

I am having a bit of an issue with multiple outbound connections.

I have set up 2 open vpn servers on the same IP address.
Server 1:
Port 500
dev tap0
ip 10.8.2.1

Server 2:
Port 501
dev tap0
ip 10.8.3.1

On the client side I have:
Client 1:
port 500
dev tap0
ip 10.8.2.2

Client 2:
port 501
dev tap1
ip 10.8.3.3

Outbound connection 1 ppp0
Outbound connection 2 ppp1

If I put either of these as my default route, as expected both client 1 and client 2 will connect fine.

I have set-up 2 ip tables.
One with the default set as ppp0 and contains 10.8.2.2
One with the default set as ppp1 and contains 10.8.3.3

I then have set in the iptables mangle PREROUTING to mark all packets on port 500 to be marked with 100 (0x64) and all packets on port 501 to be marked with 101 (0x65).

I then create 2 rules so anything marked with 100 will route out of table1 and anything marked with 101 will route out of table2.
ip rule from all to (Server IP) fwmark 100 lookup table1
ip rule from all to (server IP) fwmark 101 lookup table2

However, nothing is following this rule and no packets are being marked by the iptables rule.

If I add a default route through either of the connections the iptables rule marks all the packets, but they route out of the default route of course.

If I set either of the tables as ip rule from all lookup table1 everything routes fine and the iptables rule appends the fwmark, but of course it only routes out of ppp0.

Anyone have any thoughts on why nothing is being marked by the iptables PREROUTING rule? I can see the packets increasing but not the mark count unless I have it routing out of 1 connection only.

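An added example (not from the post above) showing the per-uplink marking and routing set-up as a defender would normally build it: because the OpenVPN clients run on the same host, their UDP packets are locally generated and only traverse the mangle OUTPUT chain, so the MARK rule is placed there rather than in PREROUTING, and each table gets its own default route before the fwmark rule selects it. The table names table1/table2 and the ports, marks and ppp devices are taken from the post; RUN defaulting to echo (a dry run) is an assumption of this example.

```shell
#!/bin/sh
# Policy routing for two OpenVPN clients over two PPP uplinks.
# Assumption (not from the post): the OpenVPN client processes run on this host,
# so their packets are locally generated and pass through mangle OUTPUT only.
# PREROUTING is never consulted for locally generated traffic.
# table1/table2 are assumed to be named in /etc/iproute2/rt_tables.
RUN="${RUN:-echo}"   # default is a dry run that prints commands; RUN="" applies them (root)

# Emit the rules for one VPN: mark the client's UDP traffic to $port in mangle
# OUTPUT, give the table a default route over $dev, and select the table by mark.
setup_vpn_uplink() {
    port=$1; mark=$2; table=$3; dev=$4
    $RUN iptables -t mangle -A OUTPUT -p udp --dport "$port" -j MARK --set-mark "$mark"
    $RUN ip route replace default dev "$dev" table "$table"
    $RUN ip rule add fwmark "$mark" lookup "$table"
}

# Inspect counters: with the MARK rule in OUTPUT its packet count rises as the
# client sends, which is the check that was failing with PREROUTING.
show_marks() {
    $RUN iptables -t mangle -L OUTPUT -v -n
    $RUN ip rule show
}

setup_vpn_uplink 500 100 table1 ppp0
setup_vpn_uplink 501 101 table2 ppp1
show_marks
```

Run with RUN="" as root to apply; the default dry run lets you review the exact commands first.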