On Mon, Aug 20, 2012 at 10:03 AM, David Ronkin <dron...@gmail.com> wrote:
> We had similar configuration & issue when switched from old Cisco router
> to new Fortigate.
> Fixed it by a smart support guy totally by changing routing rules on the
> router.

it could work by the second router doing an inverse NAT, i am not sure it is possible, but there it has a lot of restrictions (i.e. can't generate outbound connection ...)

> Recheck the routing rules on your setup, don't think you need to dive down
> to the kernel.

it's not diving to the kernel, it is just a few "ip" commands.

> David
>
> --
> Regards,
> David Ronkin
> Please visit my blog: http://dronkin.blogspot.com
>
> 2012/8/20 Erez D <erez0...@gmail.com>
>
>> hello
>>
>> i have a server with two eth ports, each connects to a different router,
>> and then to the internet.
>> i want all normal traffic to the internet to go via router 1 (eth0), so i
>> added a default route to it
>> i want connections TCP coming from all over the internet to the second
>> router(eth1), to be accepted.
>>
>> the problem is that although connections are coming from eth1, due to the
>> default route, they are answered from eth0, which means a tcp connection
>> can not be established.
>> i know that linux has a conntrack module, can i use it to tell the kernel
>> to answer on the same eth it got SYN from ?
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il@cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
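The "few ip commands" approach mentioned in the reply above, as an added example that is not part of the original thread: source-based policy routing, where packets sourced from the eth1 address consult a second routing table with its own default route, so the main default route via eth0 stays as it is. The addresses, table id 100, rule priority and function names are constructed for illustration, and it assumes incoming connections are addressed to an IPv4 address held by eth1.

```shell
#!/bin/sh
# Added example: source-based policy routing for a dual-homed server.
# All addresses are constructed RFC 5737 documentation values.

# Dry run by default: print each command. Set APPLY=1 (as root) to execute.
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

# Succeeds only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# setup_return_path DEV ADDR NET GATEWAY TABLE
# Packets sourced from ADDR consult TABLE, whose default route is GATEWAY on
# DEV. The main table (default route via router 1 on eth0) is not touched.
setup_return_path() {
    dev=$1 addr=$2 net=$3 gw=$4 table=$5
    # Validate before anything reaches ip(8).
    case $dev in ''|*[!A-Za-z0-9_.-]*) echo "bad device" >&2; return 1 ;; esac
    case $table in ''|*[!0-9]*) echo "bad table id" >&2; return 1 ;; esac
    case ${net#*/} in ''|*[!0-9]*) echo "bad prefix length" >&2; return 1 ;; esac
    is_ipv4 "$addr" && is_ipv4 "$gw" && is_ipv4 "${net%/*}" ||
        { echo "bad IPv4 address" >&2; return 1; }

    # Per-uplink table: the connected subnet plus its own default route.
    run ip route replace "$net" dev "$dev" src "$addr" table "$table"
    run ip route replace default via "$gw" dev "$dev" table "$table"
    # Remove a stale copy of the rule so re-running does not duplicate it.
    run ip rule del from "$addr/32" lookup "$table" 2>/dev/null || true
    run ip rule add from "$addr/32" lookup "$table" priority 1000
    # Check: the reply path to a remote client should now show "dev $dev".
    run ip route get 203.0.113.5 from "$addr"
}

# Constructed values: eth1 holds 198.51.100.10, router 2 is 198.51.100.1.
setup_return_path eth1 198.51.100.10 198.51.100.0/24 198.51.100.1 100
```

These commands do not persist across a reboot; the distribution's network configuration has to carry the rule and the table.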