Alfredo Giordano
2003-May-31 18:52 UTC
Multiple Link with Nat and linux bw management / routing
Hi folks,
It has been several days that I have been going through this, but I couldn't make it work.
This is my current scenario:
E1 pipe
|
cisco 3620 with wccp
|
switch1 --------- squid transparent server
|
eth1
linux bridge with htb bw management per IP
eth0
|
switch2
|
class C routed network to clients
I want to modify this by adding an ADSL connection (dynamic IP address) into the network. I would like to have failover but not load balancing; I will decide if a single IP gets routed by the default gw or to the ADSL connection. Besides that, I would like to keep the transparent proxy.
The problems I am facing are:
1. connections routed to the ADSL connection must be natted, the other one not
2. how to manage the upload bw (no problem for download because I can shape on eth0)
3. keep the transparent proxy for both connections.
We are trying two different approaches:
E1 pipe                ADSL pipe
   |                       |
cisco 3620             bb router
   |                       |
-----------------------------------
                |
             switch1
                |
linux router with iptables (maybe wccp? or simply port redirection)
                |
             switch2---squid transparent server
                |
class c routed network segment
That leaves out the bw management, which **I NEED**, unless I can find an efficient way to mark squid packets with their original source IP.
The other idea:
E1 pipe                ADSL pipe
   |                       |
cisco 3620                 |
   |                       |
  eth1                 eth2(ppp0)
----------linux router---------
eth0                     eth3
 |                         |
 |              squid transparent server
 |
class c routed network segment
That has exponential complications and needs to find a machine that can support 4 eth cards without errors.
Any suggestion on the linux and/or the general design? This thing is driving me crazy.
Thanks in advance
Alfredo Giordano