fixx (Well-Known Member) - Joined: Feb 13, 2006 - Messages: 278
Heya guys
I have 4 active outbound links on my RouterBoard 750G. Only one of the connections (an L2TP connection) sets the default route dynamically. The other three interfaces do have default routes pointing to them, but only for certain routing marks.
All interfaces masquerade outbound.
The problem I have is that whenever I NAT something in from one of those interfaces on which the default route matches only on certain routing marks, the outbound traffic still tries to route via the link that has the default gateway set dynamically.
The weird part is this: I have tried only to NAT SMTP traffic on my ADSL line, and if I telnet to it from the outside world it connects! I see the SMTP banner and everything, but as soon as I say 'hello whatever' to start the SMTP transaction, the connection times out.
Here is my config:
This is the NAT rule that forwards the SMTP traffic to the machine on the internal LAN:
chain=dstnat action=dst-nat to-addresses=10.10.43.2 to-ports=25 protocol=tcp in-interface=pppoe-to-mweb dst-port=25
I have 4 mangle rules to mark the connection / routing:
chain=prerouting action=mark-connection new-connection-mark=in-from-mweb passthrough=yes connection-state=new in-interface=pppoe-to-mweb
chain=output action=mark-routing new-routing-mark=route-via-adsl passthrough=no connection-mark=in-from-mweb
chain=forward action=mark-connection new-connection-mark=in-from-mweb passthrough=yes connection-state=new out-interface=!pppoe-to-mweb connection-mark=in-from-mweb
chain=prerouting action=mark-routing new-routing-mark=route-via-adsl passthrough=no in-interface=!pppoe-to-mweb connection-mark=in-from-mweb
Now when I add a new rule to, say, route from any source to anywhere where the destination address is neworder.box.sk, for example, it works perfectly, so from internal > Internet the outbound routing will route via the ADSL.
Here is my lookup rule for the outbound traffic on the ADSL:
routing-mark=route-via-adsl action=lookup table=route-via-adsl
Can someone please point me in the right direction how to get it to work?
Here is an example of the output for the SMTP traffic via the ADSL link:
telnet X.132.X.222 25
Trying X.132.X.222...
Connected to X-132-X-222.dsl.mweb.co.za (X.132.X.222).
Escape character is '^]'.
220 Starbright Network Solutions - SMTP
helo asd
And then it just times out eventually...
But as mentioned earlier - If I set the pppoe-to-mweb interface to have its default route added dynamically it works 100% so my mangle rules seem to be the problem.
Thanks in advance for the help.
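Added example (not part of the original post): a simplified Python model of how the four posted mangle rules mark a connection arriving on pppoe-to-mweb and the reply coming back from the LAN server. The interface names ether-lan and l2tp-out, and the rule-evaluation model itself, are assumptions made for illustration.

```python
# Simplified model of RouterOS mangle evaluation (added sketch, not MikroTik code).
# Connection marks persist on the conntrack entry; routing marks are per packet.
RULES = [  # the four mangle rules from the post, in posted order
    dict(chain="prerouting", action="mark-connection", mark="in-from-mweb",
         passthrough=True, state="new", in_if="pppoe-to-mweb"),
    dict(chain="output", action="mark-routing", mark="route-via-adsl",
         passthrough=False, conn_mark="in-from-mweb"),
    dict(chain="forward", action="mark-connection", mark="in-from-mweb",
         passthrough=True, state="new", out_if="!pppoe-to-mweb",
         conn_mark="in-from-mweb"),
    dict(chain="prerouting", action="mark-routing", mark="route-via-adsl",
         passthrough=False, in_if="!pppoe-to-mweb", conn_mark="in-from-mweb"),
]

def if_match(pattern, value):
    """Interface matcher with RouterOS-style '!' negation; None matches anything."""
    if pattern is None:
        return True
    return value != pattern[1:] if pattern.startswith("!") else value == pattern

def matches(rule, pkt, conn):
    return (if_match(rule.get("in_if"), pkt.get("in_if"))
            and if_match(rule.get("out_if"), pkt.get("out_if"))
            and rule.get("state") in (None, pkt["state"])
            and rule.get("conn_mark") in (None, conn.get("mark")))

def run_chain(chain, pkt, conn):
    """Apply one mangle chain; return the routing mark left on this packet."""
    for rule in RULES:
        if rule["chain"] != chain or not matches(rule, pkt, conn):
            continue
        if rule["action"] == "mark-connection":
            conn["mark"] = rule["mark"]
        else:
            pkt["routing_mark"] = rule["mark"]
        if not rule["passthrough"]:
            break  # passthrough=no stops further rules in this chain
    return pkt.get("routing_mark")

def trace(wan_if, lan_if="ether-lan"):  # "ether-lan" is a hypothetical name
    """Return (connection mark, routing mark on the LAN server's reply)."""
    conn = {}
    syn = {"in_if": wan_if, "state": "new"}
    run_chain("prerouting", syn, conn)
    syn["out_if"] = lan_if  # after dst-nat the SYN is forwarded to the LAN
    run_chain("forward", syn, conn)
    reply = {"in_if": lan_if, "state": "established"}
    return conn.get("mark"), run_chain("prerouting", reply, conn)

if __name__ == "__main__":
    for wan in ("pppoe-to-mweb", "l2tp-out"):  # "l2tp-out" is hypothetical
        print(wan, trace(wan))
```

In this model the forwarded reply picks up route-via-adsl from the fourth rule, while the output-chain rule only affects packets the router itself originates.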