Vyatta Core 6.5R1 Policy Base Routing mechanism
$ sudo iptables --list -t mangle -v -n
:
Chain PREROUTING (policy ACCEPT 2253 packets, 127K bytes)
  pkts bytes target            prot opt in    out source              destination
  2254 127K VYATTA_FW_IN_HOOK all -- *        *    0.0.0.0/0          0.0.0.0/0


      Chain VYATTA_FW_IN_HOOK (1 references)
       pkts bytes target             prot opt in out source                 destination
        218 20026 SRC-PORT-SLB       all -- eth0 *   0.0.0.0/0              0.0.0.0/0
                                                                            set interfaces ethernet eth0 policy route 'SRC-PORT-SLB'


            Chain SRC-PORT-SLB (1 references)
             pkts bytes target             prot     opt   in      out source        destination
                0     0 VYATTA_PBR_10      tcp      --    *       *   0.0.0.0/0     W.W.W.W         /*   SRC-PORT-SLB-10 */ multiport sports 1:65535
                0     0 VYATTA_PBR_10      udp      --    *       *   0.0.0.0/0     W.W.W.W         /*   SRC-PORT-SLB-10 */ multiport sports 1:65535
                0     0 VYATTA_PBR_10      icmp     --    *       *   0.0.0.0/0     W.W.W.W         /*   SRC-PORT-SLB-20 */
              218 20026 RETURN             all      --    *       *   0.0.0.0/0     0.0.0.0/0       /*   SRC-PORT-SLB-10000 default-action accept */

                                                                            set policy route SRC-PORT-SLB rule 10 destination address 'W.W.W.W'
                                                                            set policy route SRC-PORT-SLB rule 10 protocol 'tcp_udp'
                                                                            set policy route SRC-PORT-SLB rule 10 source port '1-65535'
                                                                            set policy route SRC-PORT-SLB rule 20 destination address 'W.W.W.W'
                                                                            set policy route SRC-PORT-SLB rule 20 protocol 'icmp'




                  Chain VYATTA_PBR_10 (3 references)
                   pkts bytes target             prot opt in           out source          destination
                      0     0 MARK               all -- *              *   0.0.0.0/0       0.0.0.0/0        MARK set 0x80000009
                      0     0 ACCEPT             all -- *              *   0.0.0.0/0       0.0.0.0/0

                                                                            set policy route SRC-PORT-SLB rule 10 set table '10'
                                                                            set policy route SRC-PORT-SLB rule 20 set table '10'

                  $ sudo ip rule list
                  0:        from all lookup local
                  10:       from all fwmark 0x80000009 lookup 10
                  32766:    from all lookup main
                  32767:    from all lookup default

                                                                            set protocols static table 10 route 0.0.0.0/0 next-hop 'R.R.R.R'

                  $ sudo ip route show table 10
                  default via R.R.R.R dev eth1 proto zebra


                                                                                               Source: SAKURA Internet Research Center. 01/2013: Project THORN
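
The slide traces one path: a mangle-table MARK, an `ip rule` that matches that fwmark, and a route in the selected table. The script below is an added example, not part of the original slide or of Vyatta. It checks captured output for breaks in that path, since marked traffic with no matching rule or route is routed by the main table instead. The function names and the embedded sample text are assumptions constructed from the output shown above.

```python
import re

# Constructed sample input: the command output shown on the slide, with
# its placeholder address R.R.R.R kept as-is.
MANGLE = """\
Chain VYATTA_PBR_10 (3 references)
 pkts bytes target prot opt in out source    destination
    0     0 MARK   all  --  *  *   0.0.0.0/0 0.0.0.0/0  MARK set 0x80000009
    0     0 ACCEPT all  --  *  *   0.0.0.0/0 0.0.0.0/0
"""
IP_RULES = """\
0:      from all lookup local
10:     from all fwmark 0x80000009 lookup 10
32766:  from all lookup main
32767:  from all lookup default
"""
ROUTES = {"10": "default via R.R.R.R dev eth1 proto zebra\n"}  # per table

def chain_marks(mangle_text):
    """Return (chain, fwmark) pairs for every MARK rule in the listing."""
    pairs, chain = [], None
    for line in mangle_text.splitlines():
        head = re.match(r"\s*Chain (\S+) ", line)
        mark = re.search(r"\bMARK set (0x[0-9a-fA-F]+)", line)
        if head:
            chain = head.group(1)
        elif mark and chain:
            pairs.append((chain, int(mark.group(1), 16)))
    return pairs

def mark_tables(rule_text):
    """Map each fwmark in `ip rule list` output to its lookup table."""
    found = re.findall(r"fwmark (0x[0-9a-fA-F]+)\S* lookup (\S+)", rule_text)
    return {int(mark, 16): table for mark, table in found}

def audit(mangle_text, rule_text, routes):
    """List marks whose traffic can fall through to the main table."""
    findings, rules = [], mark_tables(rule_text)
    for chain, mark in chain_marks(mangle_text):
        table = rules.get(mark)
        table_routes = routes.get(table, "").splitlines()
        if table is None:
            findings.append(f"{chain}: mark {mark:#x} has no ip rule")
        elif not any(r.startswith("default ") for r in table_routes):
            findings.append(f"{chain}: table {table} has no default route")
    return findings

if __name__ == "__main__":
    print(audit(MANGLE, IP_RULES, ROUTES) or "mark -> rule -> table is complete")
```

On a live router, feed it the output of the three commands shown on the slide instead of the embedded samples.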
