2WAN 2LAN PCC and Mangle

Rockyboa · June 16, 2010, 5:14pm

Trying to figure out why as soon as I activate my rule #8 both LAN100 and Bridge110 don’t see each other anymore.

This is taken directly from the PCC example.

0   ;;; from Telus mark conn_telus
     chain=input action=mark-connection new-connection-mark=telus_conn passthrough=yes in-interface=Telus 

 1   ;;; from Videotron mark conn_videotron
     chain=input action=mark-connection new-connection-mark=videotron_conn passthrough=yes in-interface=Videotron 

 2   ;;; if mark telus_conn new routing mark to_telus
     chain=output action=mark-routing new-routing-mark=to_telus passthrough=yes connection-mark=telus_conn 

 3   ;;; if mark conn_videotron new routing mark to_videotron
     chain=output action=mark-routing new-routing-mark=to_videotron passthrough=yes connection-mark=videotron_conn 

 4   ;;; Force accept traffic from LAN110 to Telus
     chain=prerouting action=accept dst-address=xx.xx.xx.64/28 in-interface=bridge110 

 5   chain=prerouting action=accept dst-address=xx.xx.xx.64/28 in-interface=LAN100 

 6   ;;; Force accept traffic from LAN110 Videotron
     chain=prerouting action=accept dst-address=yy.yy.yy.120/29 in-interface=bridge110 

 7   chain=prerouting action=accept dst-address=yy.yy.yy.120/29 in-interface=LAN100 

 8 X ;;; Don't mark conn_telus from local traffic
     chain=prerouting action=mark-connection new-connection-mark=telus_conn passthrough=yes dst-address-type=!local 
     in-interface=bridge110 per-connection-classifier=both-addresses:2/0 

 9 X chain=prerouting action=mark-connection new-connection-mark=telus_conn passthrough=yes dst-address-type=!local 
     in-interface=LAN100 per-connection-classifier=both-addresses:2/0 

10 X ;;; Don't mark conn_videotron from local traffic
     chain=prerouting action=mark-connection new-connection-mark=videotron_conn passthrough=yes dst-address-type=!local 
     in-interface=bridge110 per-connection-classifier=both-addresses:2/1 

11 X chain=prerouting action=mark-connection new-connection-mark=videotron_conn passthrough=yes dst-address-type=!local 
     in-interface=LAN100 per-connection-classifier=src-address:2/1 

12   ;;; mark LAN with conn_telus traffic routing mark to_telus
     chain=prerouting action=mark-routing new-routing-mark=to_telus passthrough=yes in-interface=bridge110 
     connection-mark=telus_conn 

13   chain=prerouting action=mark-routing new-routing-mark=to_telus passthrough=yes in-interface=LAN100 
     connection-mark=telus_conn 

14   ;;; mark LAN with conn_videotron traffic routing mark to_videotron
     chain=prerouting action=mark-routing new-routing-mark=to_videotron passthrough=yes in-interface=bridge110 
     connection-mark=videotron_conn 

15   chain=prerouting action=mark-routing new-routing-mark=to_videotron passthrough=yes in-interface=LAN100 
     connection-mark=videotron_conn