The "internet" is everything and anything (sans unroutables). The default route is the route to anything.
If you can't specify the subnets that the PRI has to connect to, then also the route to internet is through PRI.
Need of Two default gateway
-
- Posts: 12
- Joined: 2021/02/09 13:57:36
Re: Need of Two default gateway
thanks
PRI is only for calling purpose , not for Internet,
Can we use iptables or some other solution to use internet with 192 network.
I need to use Yum for updating and Google is required.
thanks
PRI is only for calling purpose , not for Internet,
Can we use iptables or some other solution to use internet with 192 network.
I need to use Yum for updating and Google is required.
thanks
Re: Need of Two default gateway
Yes, but if PRI really needs the default route, then you will call anywhere in the Internet.
However, if PRI has a list of addresses that it will actually call (and only the calls need to connect to those addresses), then PRI does not need the default route.
If that is really not possible, then policy-based routing might be the solution. You had some of that in your original post.
You did show two rules:
Code: Select all
ip rule add from 192.168.1.14/32 table rt2
ip rule add to 192.168.1.14/32 table rt2
Does the PRI traffic have something predictable and unique? Like dport or sport that could be used to select packets of new connections that should be routed via ens133?man ip-rule wrote:Code: Select all
SELECTOR := [ not ] [ from PREFIX ] [ to PREFIX ] [ tos TOS ] [ fwmark FWMARK[/MASK] ] [ iif STRING ] [ oif STRING ] [ pref NUMBER ] [ l3mdev ] [ uidrange NUMBER-NUMBER ] [ ipproto PROTOCOL ] [ sport [ NUMBER | NUMBER-NUMBER ] ] [ dport [ NUMBER | NUMBER-NUMBER ] ] [ tun_id TUN_ID ]
-
- Posts: 12
- Joined: 2021/02/09 13:57:36
Re: Need of Two default gateway
Thanks for your reply,
I tried to make policy based like above and try to implement iptables too , but not yet success.
Is that possible for you to login /access to my server for just 5 minutes to resolve the issue.
we can use anydesk/teamviewer for just 5 minutes .
thanks in advance.
I tried to make policy based like above and try to implement iptables too , but not yet success.
Is that possible for you to login /access to my server for just 5 minutes to resolve the issue.
we can use anydesk/teamviewer for just 5 minutes .
thanks in advance.
Re: Need of Two default gateway
No way. You definitely do not wan't to grant access to your system to random strangers.