[CentOS] Routing issue

Wed Oct 3 13:30:25 UTC 2012
Steve Clark <sclark at netwolves.com>

On 10/03/2012 08:46 AM, Manish Kathuria wrote:
> I was under the impression that you are running a FTP server inside
> and were facing problems with the incoming traffic for the same. If
> you are primarily concerned with the outgoing traffic through two ISP
> links, please follow the following steps:
> 1. Refer to http://www.ssi.bg/~ja/nano.txt  for creating your rules.
> 2. Recompile the kernel after applying Julian Anistov's routes patch
> (the URL is there in the earlier messages).
> 3. Make a script to check the status of the links and change the
> default gateway accordingly. Let me know if you need a script.
> 4. Make sure that your firewall (iptables) is stateful and allows
> related and established connections and the NAT and connection
> tracking modules (nf_conntrack, nf_conntrack_ftp, nf_nat and
> nf_nat_ftp) are loaded.
> I have followed this approach at a number of places without any
> problems related to FTP or other protocols. The only issue I faced was
> that the patch failed for all the CentOS 5.x kernels I tried (perhaps
> due to some conflict with an existing patch). But its working
> perfectly for the kernels in CentOS 6 and 6.1.
> Thanks,
> --
> Manish
Hi Manish,

Thanks for the response.
It is good to know there is a general solution. It is too bad that
the referenced patches were never merged into to main kernel tree, forcing people
to have to build and maintain their own kernel.

Stephen Clark
Director of Technology
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve.clark at netwolves.com