Rick Sewill wrote: > On Thu, 2010-03-18 at 14:07 -0600, S P Arif Sahari Wibowo wrote: >> Hi! >> >> I am wondering whether it is possible to choose TCP/IP routing >> for a specific instance of an application - chosen on user-level >> when the application is started? >> >> More specifically I have a workstation with 2 Internet >> connections (different devices), and I would like to have some >> applications connecting to Internet using one connection while >> other applications connecting to Internet using the other >> connection, where I choose which application instance use which >> connection. >> >> I control the whole workstation (root, hardware) so I can do >> whatever on the machine, but not the router / connection. >> >> Any idea? > > I have not done what you are requesting. > > I did an Internet search and came to the following conclusions: > 1) You can mark packets using iptables. > The marking can be based on type of traffic, ex: html, smtp, etc. > > 2) You then use ip routing to do what is called policy routing. > You have multiple routing tables. > The routing table to be used will be selected based on the marking. > > I will suggest you look at the following URL and see if it helps you. > > This URL is not for the faint of heart: > http://linux-ip.net/html/adv-multi-internet.html > > The key overview to understand this URL is the summary near the top: > Quoting from the URL, > "...Before beginning let's outline the process we are going to follow. > > * Copy the main routing table to another routing table and set the > alternate default route [38]. > > * Use iptables/ipchains to mark traffic with fwmark. > > * Add a rule to the routing policy database. > > * Test!" > > I have not personally done this. That's the way my firewall works, by default I go out one ISP, optionally I use another. The only tip I offer is that you have to be careful to get the source IP right for the NIC you use. I think you can just set the source IP in iptables and put a few rules in routing, and eliminate the MARK entirely, but I have it working the way it is, and no reason to change it. I have access to another ISP account at the moment, if I really wanted to go crazy with routing I could. > I can't do much more than give you the URL reference. > You will need to determine if this as a possible solution for you. > > -- Bill Davidsen <davidsen@xxxxxxx> "We have more to fear from the bungling of the incompetent than from the machinations of the wicked." - from Slashdot -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
