Routing via 2 interfaces

Zupp · September 9, 2016, 7:20am

Hi people,

I have a small issue which I cannot solve apparently. Im using a normal fiber connection, using an PPPoE interface which is bridge to my LAN etc. This al works fine and normal. Now, one of the machines I use (IP 192.168.2.251) has to use a VPN L2TP interface to go out.

For this I use a mangle rule, which marks packets coming from the 2.251 IP:

chain=prerouting action=mark-routing new-routing-mark=other passthrough=yes 
      src-address=192.168.2.251 log=no log-prefix=""

Then these use a static route saying al packages marked “other” are using the L2TP gateway.
This works fine, traffic is being routed as it should be and goes via the L2TP gateway onto the internet.

The problem is that when the L2TP interface goes down for whatever reason, the traffic from the marked packages routes via the PPPoE interface. This is not desirable. When the L2TP interface fails, packages should just be dropped (or routed wrong).
How can I make this? I tried using a static route and separating both packets but this didn’t seem to work.

Thanks in advance for the help!

Mark

Rudios · September 9, 2016, 10:38am

Just create a dummy route rule (just a copy of the existing route rule) with a higher distance.

Zupp · September 9, 2016, 12:52pm

This seems to have no effect, im wondering if there is some rule that allows traffic to go out. Would it work if i disable the default route option on the PPPoE interface and make a static route?

#      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          l2tp-out1                 1
 1   S  0.0.0.0/0                          l2tp-out1               255

Zupp · September 9, 2016, 1:27pm

Fixed it, added a second rule which instead of a unicast is a blackhole. So now packets are just beind discarded.