
General • How to dst-nat or redirect when routing marks are present

On a router with two ISP connections running 7.12.1 I am using route marks to load balance the traffic between the connections.
To do that, in mangle prerouting I assign a routing mark based on per-connection-classifier=src-address:2/x
This works fine. There are two extra routing tables for the 2 ISPs containing the default route for each; one of them is also present in table main.
(there is a second entry with distance 2 for the other ISP in each of those tables)

Now, I want to dst-nat some outgoing traffic to the local router. E.g. DNS requests to a certain external server have to be redirected to the local DNS resolver.
The problem I encounter is that traffic dst-natted to a local address is not reachable via those alternate routing tables. So it does not work.
How can this be resolved? I have attempted to add routes to the alternative tables but I cannot find how to add a route for a local address of the router in such a way that it is routed locally to the DNS service.
Adding route rules for the local addresses also does not work for this case. I think in v7 the logic has changed so that route marks go before route rules.
(the solution worked OK in v6 but I have changed some things in the route rules setup since then so it is not really representative)

I had hoped that "redirect" would work where "dst-nat to the router address" would not, but there is no difference.

Statistics: Posted by pe1chl — Mon Feb 26, 2024 5:32 pm


