RouterA || RouterB
1.1.1.2 || 1.1.1.3
||
Fw-ext-ip(1.1.1.1)
Firewall==================DMZ(192.168.0.0/24)
Fw-int-ip(10.0.0.1/24)
We assume that SPlat's default gateway is RouterA:
# route add default gw 1.1.1.2
Now we will define policy-based routing. We need to define a table ID and an alias for it.
Defining Alias:
=================
Edit the /etc/iproute2/rt_tables file. As you can see below, we have added ID 23 with the alias adsl.
#more rt_tables
#
# reserved values
#
#255 local
#254 main
#253 default
#0 unspec
#
# local
#
#1 inr.ruhep
23 adsl
You may use the command below for this:
# echo 23 adsl >> /etc/iproute2/rt_tables
Then we specify which source IP addresses will use this table:
# ip rule add from 10.0.0.0/24 table adsl
(all LAN IPs will use this table)
Let's set the adsl table's default gateway to RouterB:
# ip route add default via 1.1.1.3 dev eth0 table adsl
We have to add the following route in order to give 10.0.0.x access to the DMZ:
# ip route add 192.168.0.0/24 dev eth2 table adsl
To activate the changes, type the following:
# ip route flush cache
These changes will not survive a reboot. To make them permanent, add all of the commands to the rc.local file:
ip rule add from 10.0.0.0/24 table adsl
ip route add default via 1.1.1.3 dev eth0 table adsl
ip route add 192.168.0.0/24 dev eth2 table adsl
ip route flush cache
I hope this helps.
You may also find the Turkish version of this document here.
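An added example, not part of the original document: a variant of the rc.local commands above that is safe to run on every boot. Appending with echo adds a second "23 adsl" line each time, and a repeated "ip rule add" leaves a duplicate rule on older kernels, so this sketch registers the table once, refuses an ID or alias that is already bound to something else, and replaces routes in place. The function names are hypothetical; the table ID, addresses and interfaces are the document's.

```shell
#!/bin/sh
# Added example, not from the original document. Function names are
# hypothetical; table ID, addresses and interfaces are the document's.

# ensure_rt_table FILE ID NAME
# Returns 0 once "ID NAME" is in FILE (appending it only if absent) and 1 if
# the ID or the NAME is already bound to something else. Comments are skipped.
ensure_rt_table() {
    file=$1 id=$2 name=$3
    [ -r "$file" ] || return 1
    state=$(awk -v id="$id" -v name="$name" '
        /^[ \t]*#/ || NF < 2       { next }
        $1 == id && $2 == name     { found = 1 }
        ($1 == id) != ($2 == name) { clash = 1 }
        END { print (clash ? "clash" : (found ? "found" : "absent")) }' "$file")
    case $state in
        found)  return 0 ;;
        absent) printf '%s %s\n' "$id" "$name" >> "$file" ;;
        *)      echo "rt_tables: $id/$name conflicts with an existing entry" >&2
                return 1 ;;
    esac
}

# apply_adsl_policy: the document's rc.local commands, safe to run repeatedly.
# The rule is added only if missing; "ip route replace" overwrites in place
# where a second "ip route add" would fail with "File exists".
apply_adsl_policy() {
    ip rule show | grep -q 'from 10\.0\.0\.0/24 lookup adsl' ||
        ip rule add from 10.0.0.0/24 table adsl
    ip route replace default via 1.1.1.3 dev eth0 table adsl
    ip route replace 192.168.0.0/24 dev eth2 table adsl
    ip route flush cache
}

# In rc.local (as root):
#   ensure_rt_table /etc/iproute2/rt_tables 23 adsl && apply_adsl_policy
```

Afterwards, "ip rule show" should list exactly one "from 10.0.0.0/24 lookup adsl" line and "ip route show table adsl" should list the default route and the DMZ route.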