iproute2, 2 inet lines, 2 interfaces, 2 ssh tunnels

When sshd deals with port forwarding and tunneling it seems to re
encapsulate the outgoing packets and use the default route for
determining which interface or internet line to send it out on. I
have two internet lines and I want to change this behavior so that
sshd will forward the tunnel back out through the same internet line
the tunnel was setup on.

DETAIL:
the setup i have is a server connected to two different ADSL lines
using two different network cards. I would like to ssh through adsl_1
and have the tunnel (dynamic) go back out that same line. in the same
manner id like the tunnel setup through adsl_2 go back out through
adsl_2. The problem is that sshd uses the default at all times when
reencapsulating packets.


Currently I have iproute2 configured as follows:
ip route flush table adsl1
ip route flush table adsl2
#setup table for ADSL1, 1.2 is the network card of the linux pc
ip route add 192.168.1.0/24 dev eth0 src 192.168.1.2 table adsl1
ip route add default via 192.168.1.1 table adsl1
#setup table for ADSL2, 2.2 is the network card of the linux pc
ip route add 192.168.2.0/24 dev eth1 src 192.168.2.2 table adsl2
ip route add default via 192.168.2.1 table adsl2
#setup route rules:
ip rule add from 192.168.1.2 table adsl1
ip rule add from 192.168.2.2 table adsl2


The only solution I can think of as yet is to create iptable rules per
sshd PID. This is ugly and i am guessing will require extensive
debugging to deal with child processes.

NOTE: i did follow the advanced linux routing howto closely:
http://lartc.org/howto/lartc.rpdb.multiple-links.html
and while this allows the ssh tunnels to get setup they are all still
funneled out through the global default route. I've also tried
running separate sshd instances bound to each interface seperately in
hopes that that sshd would create packets with that interface as the
source, theyby causing it to be routed out the proper interface by
iproute2. but this isnt the case, the sshd running on the linux
interface for adsl2 will still route according to the global default,
out adsl1, EVEN though this instance of sshd is only listening to the
interface on adsl2.


On Mar 27, 11:16 am, "cyphunk" <cyph...@gmail.com> wrote:
> When sshd deals with port forwarding and tunneling it seems to re
> encapsulate the outgoing packets and use the default route for
> determining which interface or internet line to send it out on. I
> have two internet lines and I want to change this behavior so that
> sshd will forward the tunnel back out through the same internet line
> the tunnel was setup on.
>
> DETAIL:
> the setup i have is a server connected to two different ADSL lines
> using two different network cards. I would like to ssh through adsl_1
> and have the tunnel (dynamic) go back out that same line. in the same
> manner id like the tunnel setup through adsl_2 go back out through
> adsl_2. The problem is that sshd uses the default at all times when
> reencapsulating packets.
>
> Currently I have iproute2 configured as follows:
> ip route flush table adsl1
> ip route flush table adsl2
> #setup table for ADSL1, 1.2 is the network card of the linux pc
> ip route add 192.168.1.0/24 dev eth0 src 192.168.1.2 table adsl1
> ip route add default via 192.168.1.1 table adsl1
> #setup table for ADSL2, 2.2 is the network card of the linux pc
> ip route add 192.168.2.0/24 dev eth1 src 192.168.2.2 table adsl2
> ip route add default via 192.168.2.1 table adsl2
> #setup route rules:
> ip rule add from 192.168.1.2 table adsl1
> ip rule add from 192.168.2.2 table adsl2
>
> The only solution I can think of as yet is to create iptable rules per
> sshd PID. This is ugly and i am guessing will require extensive
> debugging to deal with child processes.