SlideShare a Scribd company logo

VVyatta Core 6.5R1 Policy Base Routing mechanism MEMO

Naoto MATSUMOTO
Naoto MATSUMOTO

VVyatta Core 6.5R1 Policy Base Routing mechanism MEMO 07 Jan, 2013 SAKURA Internet Research Center Senior Researcher / Naoto MATSUMOTO

Technology
1 of 1
Vyatta Core 6.5R1 Policy Base Routing mechanism $ sudo iptables --list -t mangle -v –n : Chain PREROUTING (policy ACCEPT 2253 packets, 127K bytes) pkts bytes target prot opt in out source destination 2254 127K VYATTA_FW_IN_HOOK all -- * * 0.0.0.0/0 0.0.0.0/0 Chain VYATTA_FW_IN_HOOK (1 references) pkts bytes target prot opt in out source destination 218 20026 SRC-PORT-SLB all -- eth0 * 0.0.0.0/0 0.0.0.0/0 set interfaces ethernet eth0 policy route 'SRC-PORT-SLB' Chain SRC-PORT-SLB (1 references) pkts bytes target prot opt in out source destination 0 0 VYATTA_PBR_10 tcp -- * * 0.0.0.0/0 W.W.W.W /* SRC-PORT-SLB-10 */ multiport sports 1:65535 0 0 VYATTA_PBR_10 udp -- * * 0.0.0.0/0 W.W.W.W /* SRC-PORT-SLB-10 */ multiport sports 1:65535 0 0 VYATTA_PBR_10 icmp -- * * 0.0.0.0/0 W.W.W.W /* SRC-PORT-SLB-20 */ 218 20026 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 /* SRC-PORT-SLB-10000 default-action accept */ set policy route SRC-PORT-SLB rule 10 destination address 'W.W.W.W' set policy route SRC-PORT-SLB rule 10 protocol 'tcp_udp' set policy route SRC-PORT-SLB rule 10 source port '1-65535' set policy route SRC-PORT-SLB rule 20 destination address 'W.W.W.W' set policy route SRC-PORT-SLB rule 20 protocol 'icmp' Chain VYATTA_PBR_10 (3 references) pkts bytes target prot opt in out source destination 0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK set 0x80000009 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 $ sudo ip rule list 0: from all lookup local set policy route SRC-PORT-SLB rule 10 set table '10' 10: from all fwmark 0x80000009 lookup 10 set policy route SRC-PORT-SLB rule 20 set table '10‘ 32766: from all lookup main 32767: from all lookup default set protocols static table 10 route 0.0.0.0/0 next-hop 'R.R.R.R' $ sudo ip route show table 10 default via R.R.R.R dev eth1 proto zebra Source: SAKURA Internet Research Center. 01/2013: Project THORN

Recommended

Amos command
Amos commandAmos command
Amos commandHossein Abbasi
 
Huawei s5700-28-p-pwr-li-ac datasheet
Huawei s5700-28-p-pwr-li-ac datasheetHuawei s5700-28-p-pwr-li-ac datasheet
Huawei s5700-28-p-pwr-li-ac datasheetMark Tsui
 
Capture and replay hardware behaviour for regression testing and bug reporting
Capture and replay hardware behaviour for regression testing and bug reportingCapture and replay hardware behaviour for regression testing and bug reporting
Capture and replay hardware behaviour for regression testing and bug reportingmartin-pitt
 
Clock Controlled Unipolar Stepping Motor Driver TB67S149FTG (Device Modeling ...
Clock Controlled Unipolar Stepping Motor Driver TB67S149FTG (Device Modeling ...Clock Controlled Unipolar Stepping Motor Driver TB67S149FTG (Device Modeling ...
Clock Controlled Unipolar Stepping Motor Driver TB67S149FTG (Device Modeling ...Tsuyoshi Horigome
 
Route Maps & Redistribution into OSPF with Route Maps
Route Maps & Redistribution into OSPF with Route MapsRoute Maps & Redistribution into OSPF with Route Maps
Route Maps & Redistribution into OSPF with Route MapsNetProtocol Xpert
 
Conversor
ConversorConversor
ConversorALEXANDER PIÑA
 
bgp-01
bgp-01bgp-01
bgp-01kj teoh
 
PSpice to LTspice(BJT Model)
PSpice to LTspice(BJT Model)PSpice to LTspice(BJT Model)
PSpice to LTspice(BJT Model)Tsuyoshi Horigome
 

Recommended

Amos command
Amos commandAmos command
Amos commandHossein Abbasi
 
Huawei s5700-28-p-pwr-li-ac datasheet
Huawei s5700-28-p-pwr-li-ac datasheetHuawei s5700-28-p-pwr-li-ac datasheet
Huawei s5700-28-p-pwr-li-ac datasheetMark Tsui
 
Capture and replay hardware behaviour for regression testing and bug reporting
Capture and replay hardware behaviour for regression testing and bug reportingCapture and replay hardware behaviour for regression testing and bug reporting
Capture and replay hardware behaviour for regression testing and bug reportingmartin-pitt
 
Clock Controlled Unipolar Stepping Motor Driver TB67S149FTG (Device Modeling ...
Clock Controlled Unipolar Stepping Motor Driver TB67S149FTG (Device Modeling ...Clock Controlled Unipolar Stepping Motor Driver TB67S149FTG (Device Modeling ...
Clock Controlled Unipolar Stepping Motor Driver TB67S149FTG (Device Modeling ...Tsuyoshi Horigome
 
Route Maps & Redistribution into OSPF with Route Maps
Route Maps & Redistribution into OSPF with Route MapsRoute Maps & Redistribution into OSPF with Route Maps
Route Maps & Redistribution into OSPF with Route MapsNetProtocol Xpert
 
Conversor
ConversorConversor
ConversorALEXANDER PIÑA
 
bgp-01
bgp-01bgp-01
bgp-01kj teoh
 
PSpice to LTspice(BJT Model)
PSpice to LTspice(BJT Model)PSpice to LTspice(BJT Model)
PSpice to LTspice(BJT Model)Tsuyoshi Horigome
 
Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015
Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015
Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015マルツエレック株式会社 marutsuelec
 
Ccn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_studentCcn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_studentAngel Clavel
 
PSpiceアプリケーションセミナー(モータアプリケーション回路)
PSpiceアプリケーションセミナー(モータアプリケーション回路)PSpiceアプリケーションセミナー(モータアプリケーション回路)
PSpiceアプリケーションセミナー(モータアプリケーション回路)Tsuyoshi Horigome
 
Lampiran 1.programdocx
Lampiran 1.programdocxLampiran 1.programdocx
Lampiran 1.programdocxLugik kristiyanto
 
UART interfacing on LPC1768 (Cortex M3 micro controller)
UART interfacing on LPC1768 (Cortex M3 micro controller)UART interfacing on LPC1768 (Cortex M3 micro controller)
UART interfacing on LPC1768 (Cortex M3 micro controller)Omkar Rane
 
SPICE活用入門 (02AUG2013)
SPICE活用入門 (02AUG2013)SPICE活用入門 (02AUG2013)
SPICE活用入門 (02AUG2013)Tsuyoshi Horigome
 
PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)
PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)
PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)Naoto MATSUMOTO
 
Open stack advanced_part
Open stack advanced_partOpen stack advanced_part
Open stack advanced_partlilliput12
 
How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -Naoto MATSUMOTO
 
Implementing Internet and MPLS BGP
Implementing Internet and MPLS BGPImplementing Internet and MPLS BGP
Implementing Internet and MPLS BGPPrivate
 
Labs ospf
Labs ospfLabs ospf
Labs ospfAbraham Salgado Garcia
 
Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140) Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140) Bangladesh Network Operators Group
 
IPv6_ROUTING_RIP
IPv6_ROUTING_RIPIPv6_ROUTING_RIP
IPv6_ROUTING_RIPLukman, SE, M.Kom Vocational Hight School SMKN2 PKU
 
A deep dive about VIP,HAIP, and SCAN
A deep dive about VIP,HAIP, and SCAN A deep dive about VIP,HAIP, and SCAN
A deep dive about VIP,HAIP, and SCAN Riyaj Shamsudeen
 
CCIE Lab - IGP Routing
CCIE Lab - IGP Routing CCIE Lab - IGP Routing
CCIE Lab - IGP Routing Kristof De Brouwer
 
Icnd210 s08l02
Icnd210 s08l02Icnd210 s08l02
Icnd210 s08l02computerlenguyen
 
What will be quantization step size in numbers and in voltage for th.pdf
What will be quantization step size in numbers and in voltage for th.pdfWhat will be quantization step size in numbers and in voltage for th.pdf
What will be quantization step size in numbers and in voltage for th.pdfSIGMATAX1
 
ACI MultiPod 구성
ACI MultiPod 구성ACI MultiPod 구성
ACI MultiPod 구성Woo Hyung Choi
 
Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...
Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...
Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...CBO GmbH
 
Day 20.1 configuringframerelay
Day 20.1 configuringframerelayDay 20.1 configuringframerelay
Day 20.1 configuringframerelayCYBERINTELLIGENTS
 
Simulation and Performance Analysis of AODV using NS-2.34
Simulation and Performance Analysis of AODV using NS-2.34Simulation and Performance Analysis of AODV using NS-2.34
Simulation and Performance Analysis of AODV using NS-2.34Shaikhul Islam Chowdhury
 
Adsl lab
Adsl labAdsl lab
Adsl labVNG
 

More Related Content

What's hot

Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015
Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015
Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015マルツエレック株式会社 marutsuelec
 
Ccn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_studentCcn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_studentAngel Clavel
 
PSpiceアプリケーションセミナー(モータアプリケーション回路)
PSpiceアプリケーションセミナー(モータアプリケーション回路)PSpiceアプリケーションセミナー(モータアプリケーション回路)
PSpiceアプリケーションセミナー(モータアプリケーション回路)Tsuyoshi Horigome
 
UART interfacing on LPC1768 (Cortex M3 micro controller)
UART interfacing on LPC1768 (Cortex M3 micro controller)UART interfacing on LPC1768 (Cortex M3 micro controller)
UART interfacing on LPC1768 (Cortex M3 micro controller)Omkar Rane
 
SPICE活用入門 (02AUG2013)
SPICE活用入門 (02AUG2013)SPICE活用入門 (02AUG2013)
SPICE活用入門 (02AUG2013)Tsuyoshi Horigome
 

What's hot (6)

Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015
Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015
Spiceを活用した電源回路シミュレーションセミナーテキスト 18 feb2015
 
Ccn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_studentCcn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_student
 
PSpiceアプリケーションセミナー(モータアプリケーション回路)
PSpiceアプリケーションセミナー(モータアプリケーション回路)PSpiceアプリケーションセミナー(モータアプリケーション回路)
PSpiceアプリケーションセミナー(モータアプリケーション回路)
 
Lampiran 1.programdocx
Lampiran 1.programdocxLampiran 1.programdocx
Lampiran 1.programdocx
 
UART interfacing on LPC1768 (Cortex M3 micro controller)
UART interfacing on LPC1768 (Cortex M3 micro controller)UART interfacing on LPC1768 (Cortex M3 micro controller)
UART interfacing on LPC1768 (Cortex M3 micro controller)
 
SPICE活用入門 (02AUG2013)
SPICE活用入門 (02AUG2013)SPICE活用入門 (02AUG2013)
SPICE活用入門 (02AUG2013)
 

Similar to VVyatta Core 6.5R1 Policy Base Routing mechanism MEMO

PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)
PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)
PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)Naoto MATSUMOTO
 
Open stack advanced_part
Open stack advanced_partOpen stack advanced_part
Open stack advanced_partlilliput12
 
How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -Naoto MATSUMOTO
 
Implementing Internet and MPLS BGP
Implementing Internet and MPLS BGPImplementing Internet and MPLS BGP
Implementing Internet and MPLS BGPPrivate
 
A deep dive about VIP,HAIP, and SCAN
A deep dive about VIP,HAIP, and SCAN A deep dive about VIP,HAIP, and SCAN
A deep dive about VIP,HAIP, and SCAN Riyaj Shamsudeen
 
What will be quantization step size in numbers and in voltage for th.pdf
What will be quantization step size in numbers and in voltage for th.pdfWhat will be quantization step size in numbers and in voltage for th.pdf
What will be quantization step size in numbers and in voltage for th.pdfSIGMATAX1
 
Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...
Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...
Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...CBO GmbH
 
Day 20.1 configuringframerelay
Day 20.1 configuringframerelayDay 20.1 configuringframerelay
Day 20.1 configuringframerelayCYBERINTELLIGENTS
 
Simulation and Performance Analysis of AODV using NS-2.34
Simulation and Performance Analysis of AODV using NS-2.34Simulation and Performance Analysis of AODV using NS-2.34
Simulation and Performance Analysis of AODV using NS-2.34Shaikhul Islam Chowdhury
 
Adsl lab
Adsl labAdsl lab
Adsl labVNG
 
Lab 4 marking
Lab 4 markingLab 4 marking
Lab 4 markingVNG
 
Blueoptics bo55j27640d 10gbase-bx-u sfp+ transceiver 40km singlemode lc duple...
Blueoptics bo55j27640d 10gbase-bx-u sfp+ transceiver 40km singlemode lc duple...Blueoptics bo55j27640d 10gbase-bx-u sfp+ transceiver 40km singlemode lc duple...
Blueoptics bo55j27640d 10gbase-bx-u sfp+ transceiver 40km singlemode lc duple...CBO GmbH
 
Blueoptics bo55j27610d 10gbase-bx-u sfp+ transceiver 10km singlemode lc duple...
Blueoptics bo55j27610d 10gbase-bx-u sfp+ transceiver 10km singlemode lc duple...Blueoptics bo55j27610d 10gbase-bx-u sfp+ transceiver 10km singlemode lc duple...
Blueoptics bo55j27610d 10gbase-bx-u sfp+ transceiver 10km singlemode lc duple...CBO GmbH
 

Similar to VVyatta Core 6.5R1 Policy Base Routing mechanism MEMO (20)

PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)
PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)
PBR-LB - Direct Server Return Load Balancing using Policy Based Routing (MEMO)
 
Open stack advanced_part
Open stack advanced_partOpen stack advanced_part
Open stack advanced_part
 
How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -
 
Implementing Internet and MPLS BGP
Implementing Internet and MPLS BGPImplementing Internet and MPLS BGP
Implementing Internet and MPLS BGP
 
Labs ospf
Labs ospfLabs ospf
Labs ospf
 
Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140) Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140)
 
IPv6_ROUTING_RIP
IPv6_ROUTING_RIPIPv6_ROUTING_RIP
IPv6_ROUTING_RIP
 
A deep dive about VIP,HAIP, and SCAN
A deep dive about VIP,HAIP, and SCAN A deep dive about VIP,HAIP, and SCAN
A deep dive about VIP,HAIP, and SCAN
 
CCIE Lab - IGP Routing
CCIE Lab - IGP Routing CCIE Lab - IGP Routing
CCIE Lab - IGP Routing
 
Icnd210 s08l02
Icnd210 s08l02Icnd210 s08l02
Icnd210 s08l02
 
What will be quantization step size in numbers and in voltage for th.pdf
What will be quantization step size in numbers and in voltage for th.pdfWhat will be quantization step size in numbers and in voltage for th.pdf
What will be quantization step size in numbers and in voltage for th.pdf
 
ACI MultiPod 구성
ACI MultiPod 구성ACI MultiPod 구성
ACI MultiPod 구성
 
Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...
Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...
Blueoptics bo35j13610dc_10gbase-lr_sfp+_receiver_1310nm_10km_singlemode_lc_du...
 
Day 20.1 configuringframerelay
Day 20.1 configuringframerelayDay 20.1 configuringframerelay
Day 20.1 configuringframerelay
 
Simulation and Performance Analysis of AODV using NS-2.34
Simulation and Performance Analysis of AODV using NS-2.34Simulation and Performance Analysis of AODV using NS-2.34
Simulation and Performance Analysis of AODV using NS-2.34
 
Adsl lab
Adsl labAdsl lab
Adsl lab
 
Lab 4 marking
Lab 4 markingLab 4 marking
Lab 4 marking
 
Day 20.3 frame relay
Day 20.3 frame relay Day 20.3 frame relay
Day 20.3 frame relay
 
Blueoptics bo55j27640d 10gbase-bx-u sfp+ transceiver 40km singlemode lc duple...
Blueoptics bo55j27640d 10gbase-bx-u sfp+ transceiver 40km singlemode lc duple...Blueoptics bo55j27640d 10gbase-bx-u sfp+ transceiver 40km singlemode lc duple...
Blueoptics bo55j27640d 10gbase-bx-u sfp+ transceiver 40km singlemode lc duple...
 
Blueoptics bo55j27610d 10gbase-bx-u sfp+ transceiver 10km singlemode lc duple...
Blueoptics bo55j27610d 10gbase-bx-u sfp+ transceiver 10km singlemode lc duple...Blueoptics bo55j27610d 10gbase-bx-u sfp+ transceiver 10km singlemode lc duple...
Blueoptics bo55j27610d 10gbase-bx-u sfp+ transceiver 10km singlemode lc duple...
 

More from Naoto MATSUMOTO

Alder Lake-S CPU Temperature Monitoring
Alder Lake-S CPU Temperature MonitoringAlder Lake-S CPU Temperature Monitoring
Alder Lake-S CPU Temperature MonitoringNaoto MATSUMOTO
 
CPU製品出荷状況と消費電力の見える化
CPU製品出荷状況と消費電力の見える化CPU製品出荷状況と消費電力の見える化
CPU製品出荷状況と消費電力の見える化Naoto MATSUMOTO
 
2023年以降のサーバークラスタリング設計(メモ)
2023年以降のサーバークラスタリング設計(メモ)2023年以降のサーバークラスタリング設計(メモ)
2023年以降のサーバークラスタリング設計(メモ)Naoto MATSUMOTO
 
防災を考慮した水中調査の一考察
防災を考慮した水中調査の一考察防災を考慮した水中調査の一考察
防災を考慮した水中調査の一考察Naoto MATSUMOTO
 
旅するパケットの見える化
旅するパケットの見える化旅するパケットの見える化
旅するパケットの見える化Naoto MATSUMOTO
 
LTE-M/NB IoTを試してみる nRF9160/Thingy:91
LTE-M/NB IoTを試してみる nRF9160/Thingy:91LTE-M/NB IoTを試してみる nRF9160/Thingy:91
LTE-M/NB IoTを試してみる nRF9160/Thingy:91Naoto MATSUMOTO
 
災害時における無線モニタリングによる社会インフラの見える化
災害時における無線モニタリングによる社会インフラの見える化災害時における無線モニタリングによる社会インフラの見える化
災害時における無線モニタリングによる社会インフラの見える化Naoto MATSUMOTO
 
BeautifulSoup / selenium Deep dive
BeautifulSoup / selenium Deep diveBeautifulSoup / selenium Deep dive
BeautifulSoup / selenium Deep diveNaoto MATSUMOTO
 
Network Adapter Deep dive
Network Adapter Deep diveNetwork Adapter Deep dive
Network Adapter Deep diveNaoto MATSUMOTO
 
x86_64 Hardware Deep dive
x86_64 Hardware Deep divex86_64 Hardware Deep dive
x86_64 Hardware Deep diveNaoto MATSUMOTO
 
ADS-B, AIS, APRS cheatsheet
ADS-B, AIS, APRS cheatsheetADS-B, AIS, APRS cheatsheet
ADS-B, AIS, APRS cheatsheetNaoto MATSUMOTO
 
3/4G USB modem Cheat Sheet
3/4G USB modem Cheat Sheet3/4G USB modem Cheat Sheet
3/4G USB modem Cheat SheetNaoto MATSUMOTO
 
How To Train Your ARM(SBC)
How To Train Your ARM(SBC)How To Train Your ARM(SBC)
How To Train Your ARM(SBC)Naoto MATSUMOTO
 
全国におけるCOVID-19対策の見える化 ~宿泊業の場合~
全国におけるCOVID-19対策の見える化 ~宿泊業の場合~全国におけるCOVID-19対策の見える化 ~宿泊業の場合~
全国におけるCOVID-19対策の見える化 ~宿泊業の場合~Naoto MATSUMOTO
 
我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)
我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)
我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)Naoto MATSUMOTO
 
私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化
私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化
私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化Naoto MATSUMOTO
 

More from Naoto MATSUMOTO (20)

Alder Lake-S CPU Temperature Monitoring
Alder Lake-S CPU Temperature MonitoringAlder Lake-S CPU Temperature Monitoring
Alder Lake-S CPU Temperature Monitoring
 
CPU製品出荷状況と消費電力の見える化
CPU製品出荷状況と消費電力の見える化CPU製品出荷状況と消費電力の見える化
CPU製品出荷状況と消費電力の見える化
 
5Gの見える化
5Gの見える化5Gの見える化
5Gの見える化
 
2023年以降のサーバークラスタリング設計(メモ)
2023年以降のサーバークラスタリング設計(メモ)2023年以降のサーバークラスタリング設計(メモ)
2023年以降のサーバークラスタリング設計(メモ)
 
防災を考慮した水中調査の一考察
防災を考慮した水中調査の一考察防災を考慮した水中調査の一考察
防災を考慮した水中調査の一考察
 
旅するパケットの見える化
旅するパケットの見える化旅するパケットの見える化
旅するパケットの見える化
 
LTE-M/NB IoTを試してみる nRF9160/Thingy:91
LTE-M/NB IoTを試してみる nRF9160/Thingy:91LTE-M/NB IoTを試してみる nRF9160/Thingy:91
LTE-M/NB IoTを試してみる nRF9160/Thingy:91
 
災害時における無線モニタリングによる社会インフラの見える化
災害時における無線モニタリングによる社会インフラの見える化災害時における無線モニタリングによる社会インフラの見える化
災害時における無線モニタリングによる社会インフラの見える化
 
BeautifulSoup / selenium Deep dive
BeautifulSoup / selenium Deep diveBeautifulSoup / selenium Deep dive
BeautifulSoup / selenium Deep dive
 
AMDGPU ROCm Deep dive
AMDGPU ROCm Deep diveAMDGPU ROCm Deep dive
AMDGPU ROCm Deep dive
 
Network Adapter Deep dive
Network Adapter Deep diveNetwork Adapter Deep dive
Network Adapter Deep dive
 
RTL2838 DVB-T Deep dive
RTL2838 DVB-T Deep diveRTL2838 DVB-T Deep dive
RTL2838 DVB-T Deep dive
 
x86_64 Hardware Deep dive
x86_64 Hardware Deep divex86_64 Hardware Deep dive
x86_64 Hardware Deep dive
 
ADS-B, AIS, APRS cheatsheet
ADS-B, AIS, APRS cheatsheetADS-B, AIS, APRS cheatsheet
ADS-B, AIS, APRS cheatsheet
 
curl --http3 cheatsheet
curl --http3 cheatsheetcurl --http3 cheatsheet
curl --http3 cheatsheet
 
3/4G USB modem Cheat Sheet
3/4G USB modem Cheat Sheet3/4G USB modem Cheat Sheet
3/4G USB modem Cheat Sheet
 
How To Train Your ARM(SBC)
How To Train Your ARM(SBC)How To Train Your ARM(SBC)
How To Train Your ARM(SBC)
 
全国におけるCOVID-19対策の見える化 ~宿泊業の場合~
全国におけるCOVID-19対策の見える化 ~宿泊業の場合~全国におけるCOVID-19対策の見える化 ~宿泊業の場合~
全国におけるCOVID-19対策の見える化 ~宿泊業の場合~
 
我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)
我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)
我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)
 
私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化
私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化
私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化
 

Recently uploaded

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 

Recently uploaded (20)

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 

VVyatta Core 6.5R1 Policy Base Routing mechanism MEMO

  • 1. Vyatta Core 6.5R1 Policy Base Routing mechanism $ sudo iptables --list -t mangle -v –n : Chain PREROUTING (policy ACCEPT 2253 packets, 127K bytes) pkts bytes target prot opt in out source destination 2254 127K VYATTA_FW_IN_HOOK all -- * * 0.0.0.0/0 0.0.0.0/0 Chain VYATTA_FW_IN_HOOK (1 references) pkts bytes target prot opt in out source destination 218 20026 SRC-PORT-SLB all -- eth0 * 0.0.0.0/0 0.0.0.0/0 set interfaces ethernet eth0 policy route 'SRC-PORT-SLB' Chain SRC-PORT-SLB (1 references) pkts bytes target prot opt in out source destination 0 0 VYATTA_PBR_10 tcp -- * * 0.0.0.0/0 W.W.W.W /* SRC-PORT-SLB-10 */ multiport sports 1:65535 0 0 VYATTA_PBR_10 udp -- * * 0.0.0.0/0 W.W.W.W /* SRC-PORT-SLB-10 */ multiport sports 1:65535 0 0 VYATTA_PBR_10 icmp -- * * 0.0.0.0/0 W.W.W.W /* SRC-PORT-SLB-20 */ 218 20026 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 /* SRC-PORT-SLB-10000 default-action accept */ set policy route SRC-PORT-SLB rule 10 destination address 'W.W.W.W' set policy route SRC-PORT-SLB rule 10 protocol 'tcp_udp' set policy route SRC-PORT-SLB rule 10 source port '1-65535' set policy route SRC-PORT-SLB rule 20 destination address 'W.W.W.W' set policy route SRC-PORT-SLB rule 20 protocol 'icmp' Chain VYATTA_PBR_10 (3 references) pkts bytes target prot opt in out source destination 0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK set 0x80000009 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 $ sudo ip rule list 0: from all lookup local set policy route SRC-PORT-SLB rule 10 set table '10' 10: from all fwmark 0x80000009 lookup 10 set policy route SRC-PORT-SLB rule 20 set table '10‘ 32766: from all lookup main 32767: from all lookup default set protocols static table 10 route 0.0.0.0/0 next-hop 'R.R.R.R' $ sudo ip route show table 10 default via R.R.R.R dev eth1 proto zebra Source: SAKURA Internet Research Center. 01/2013: Project THORN