Hi all, I'm having a problem with multiple internet providers. According to all t= he=20 things I have found so far it should not be that uncomplicated to set it = up -=20 however, I'm having some problems getting it to work. Firsth the scenario - I'm having 2 Internet providers, one fast with 32 s= tatic=20 IP's and one slow with dynamic IP's. Internally we are using a private ne= t=20 which is set up for 32 ip's. Now, we have to map all 32 static ip's to th= e=20 private IP's so all machines can be reached externally through the static= =20 net. The default route is suppose to be the slow ISP. So far, I have found that I need to set up the routing using marking, and= then=20 set up the rules so it work accordingly. But this appears to just work wi= th=20 static routing, not when one of the providers is dynamic! Does anyone have some suggestions for what to do? /Kim
Kim, : I'm having a problem with multiple internet providers. According to all : the things I have found so far it should not be that uncomplicated to : set it up - however, I'm having some problems getting it to work. You are correct. It is not uncomplicated. It is also not difficult. :) : Firsth the scenario - I'm having 2 Internet providers, one fast with 32 : static IP's and one slow with dynamic IP's. Internally we are using a : private net which is set up for 32 ip's. Now, we have to map all 32 : static ip's to the private IP's so all machines can be reached : externally through the static net. The default route is suppose to be : the slow ISP. : : So far, I have found that I need to set up the routing using marking, : and then set up the rules so it work accordingly. That's one approach, documented here: http://linux-ip.net/html/adv-multi-internet.html This only works if you are not trying to perform link load balancing. If that is your intended goal, you'll need to check out the Nano-HOWTO (Hey Julian--this appears to be missing right now): http://www.linuxvirtualserver.org/~julian/nano.txt : But this appears to just work with static routing, not when one of the : providers is dynamic! It doesn't matter that the IPs are dynamic, just that you can alter the affected routing table when you get a new dynamic IP. If you are using rp-pppoe, you'll want to perform your additional routing table manipulations in ip-up.local. And also, unless you have a routing daemon, you are using static routing. A dynamic IP address is simply that--your network-connected machine is still performing static routing, though it has a dynamic address. Since you have a dynamic IP on one interface, you may wish to use the -j MASQUERADE target instead of the -j SNAT target. : Does anyone have some suggestions for what to do? Do the above suggestions help? -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
Hello, On Tue, 18 Mar 2003, Martin A. Brown wrote: > that is your intended goal, you'll need to check out the Nano-HOWTO (Hey > Julian--this appears to be missing right now): > > http://www.linuxvirtualserver.org/~julian/nano.txt The source site is: http://www.ssi.bg/~ja/ The old URL is still maintained but as mirror, not under my control, may be it is now back as redirect (http://www.linuxvirtualserver.org/~julian/) to the primary site. Regards -- Julian Anastasov <ja@ssi.bg>
On Tuesday 18 March 2003 17:47, Martin A. Brown wrote: > That's one approach, documented here: > > http://linux-ip.net/html/adv-multi-internet.html > Hi Martin, Thanks for the help, I got started but have a strange problem. According = to=20 the adv-multi-internet.html doc, I should set up a couple of simple rules= ,=20 first the IP routing, which seems to be running smoothely, secondly, I ha= ve=20 to set up the iptables rules as well, this is also fairly straightforward= =2E Now, the interesting (or actually not!) things begin, my box gets packets= in,=20 which is suppose to be routed, I can DNAT them, but after that they simpl= y=20 disappear - they never reach the forward chain!!! Is there a reason why? /Kim
Hi there Kim, : Thanks for the help, I got started but have a strange problem. : According to the adv-multi-internet.html doc, I should set up a couple : of simple rules, first the IP routing, which seems to be running : smoothely, secondly, I have to set up the iptables rules as well, this : is also fairly straightforward. Does that mean you have had success passing packets over multiple links? Or perhaps no success yet? : Now, the interesting (or actually not!) things begin, Sometimes, interesting is not good. But, at least, interesting is the way to understanding.... : my box gets packets in, which is suppose to be routed, I can DNAT them, : but after that they simply disappear - they never reach the forward : chain!!! Is there a reason why? Sounds like a routing problem. Post "ip rule show", and "ip route show table $TABLEID" for your main routing table, and the other routing tables, and if you can, a textual description of the network, or a simple ASCII network map. -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com