conditional forwarders

Home Page Forums Network Management Networking conditional forwarders

This topic contains 0 replies, has 0 voices, and was last updated by  punisher 9 years, 10 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #42100

    punisher
    Member

    I am using Zeroshell as a captive portal to provide Internet access to client via a private non-routable vlan. So, these users are using my physical infrasttructure to get access through zeroshell to the Internet but the vlan they are on does not route anywhere on my internal network. The problem is that we have some hosts in my DMZ I would like them to access via their private ip adddress. So one way to accomplish this is with conditional forwarding. Can Zeroshell do conditional forwarding?

    #49276

    atheling
    Member

    I haven’t used VLANs with Zeroshell so I don’t know what it is really doing behind the scenes to make it work.

    That said, if/when you have multiple external interfaces for load balancing the Zeroshell sets up things to use the packet marks to select the routing table to use. What is the result of a “ip rule list” command at the shell prompt? Here is mine:

    root@zeroshell root> ip rule list
    0: from all lookup local
    32764: from all fwmark 0x66 lookup 102
    32765: from all fwmark 0x65 lookup 101
    32766: from all lookup main
    32767: from all lookup default

    If Zeroshell is doing the same type of thing for your VLAN setup, then you can use the prerouting chain in the mangle table (I find putting iptables commands into the “nat and virtual server tables” an okay place) to tag the traffic you want to use the appropriate routing table to get access to those IP addresses to go to your DMZ.

    You can use the “ip route list table 101” command to see where table 101 will route things.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.