I want to make two devices in the same city, on the same ISP, talk to each other, and have partially succeeded. Details:
My ISP has a bit of a weird set-up:
- their DHCP server gives me an IP with a /23 mask. This subnet covers the IPs they assign to the segment in my neighborhood/city
- but they isolate their clients from talking to each other directly, and the (properly) set route for the /23 subnet prevents my MT from going via the gateway
One of the routers is my MT; the other one (I'll call it 'neighbor') is controlled by them. On my MT I did:
- a mangle rule to add routing-mark xx for dst-address xx.yy.168.0/23
- a separate routing table with only one rule: xxx.yyy.168.0/23 → ISP's default gateway
- a routing rule for routing-mark xx to use the table above
My ISP did something similar on the neighbor node.
When I ping (or connect to) the "neighbor" IP from a node on the MT LAN, it works well. Traceroute shows the requests go via the gateway; everything is as expected.
When I ping the neighbor from the MT itself, it ignores the routing-mark and the extra routing table, trying to talk directly to the neighbor IP via the WAN port. As expected, this fails.
Pinging my MT from the neighbour LAN fails too, but I can see the ICMP packet entering my MT's firewall (the accept-ICMP rule registers it).
How do I make the MT use the routing-mark & the routing rule above?
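The setup described in the post, written out as RouterOS v7 CLI. This is an added example, not the poster's actual configuration: the /23 prefix 10.0.168.0/23, the gateway 10.0.168.1, the neighbor address 10.0.169.50 and the table name via-isp are placeholders standing in for the xx.yy.168.0/23 and routing-mark xx in the post. The point it adds is the chain: in RouterOS, packets the router generates itself (a ping from the MT, or the MT's own reply to the neighbor's ping) never traverse mangle prerouting, only mangle output, so a prerouting-only mark covers forwarded LAN traffic but leaves locally originated packets to the main table, where the connected /23 route sends them straight out the WAN port.

```routeros
# Added example, RouterOS v7 syntax. Placeholders (not from the post):
#   10.0.168.0/23 = the ISP's /23 segment, 10.0.168.1 = ISP gateway,
#   10.0.169.50  = the neighbor, "via-isp" = routing table / mark name.

# Separate routing table holding only the /23 -> ISP gateway route
/routing table add name=via-isp fib
/ip route add dst-address=10.0.168.0/23 gateway=10.0.168.1 routing-table=via-isp

# Forwarded traffic (LAN host -> neighbor) enters through prerouting
/ip firewall mangle add chain=prerouting dst-address=10.0.168.0/23 action=mark-routing new-routing-mark=via-isp passthrough=no

# Traffic the router originates itself (its own pings, and its replies to the
# neighbor) skips prerouting and passes through output, so it needs its own rule
/ip firewall mangle add chain=output dst-address=10.0.168.0/23 action=mark-routing new-routing-mark=via-isp passthrough=no

# Route anything carrying the mark through the dedicated table only
/routing rule add routing-mark=via-isp action=lookup-only-in-table table=via-isp

# Checks from the router: ping with an explicit table, then confirm which
# mangle rule's counters move (prerouting for LAN pings, output for local ones)
/ping 10.0.169.50 routing-table=via-isp
/ip firewall mangle print stats
```

The output-chain rule also explains the second symptom: the neighbor's ICMP request is accepted by the MT's input filter, but the echo reply is a locally generated packet whose destination falls inside the /23, so without an output mark it is handed to the main table and sent out the WAN interface instead of to the gateway. Watching `/ip firewall mangle print stats` while pinging from a LAN host and from the router itself shows the two paths hitting different rules.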