LARTC - Aug 2005 - Multipath Routing..

Ok folks, here goes..

I have been boggling with a problem for the past week, and still
haven''t
found a solution..

I''m trying to route traffic from two providers through a Linux machine.
But that is not the problem. The ISP''s have provided me with a WAN IP 
class for both of the lines, to be routed into a DMZ where the machines 
a to respond to their respective designated WAN IP on both lines.
Every machine on the DMZ has two IP''s one on each ISP WAN Class.

I think I''ll better draw a map:


       WAN1(eth2), WAN2(eth3)
            ---------                             (eth0)
            |       |-----\                     ----------
            |  DMZ  |---\  \                /---|  ISP1  |-----
            ---------    \  \              /    ----------     \
                          \  \            /                     \
                          -----------------
                          |  Linux GW/FW  |                     WWW
                          -----------------
                          /               \       (eth1)        /
            ---------    /                 \    ----------     /
            |  LAN  |---/                   \---|  ISP2  |-----
            ---------                           ----------
               NAT(eth4)


The DMZ has two WAN IP classes routed from the ISP.

The thing I just can not figure out is how to make the respective WAN IP 
from the DMZ route out the right ISP link, and the right request from 
the ISP route into the DMZ.

.. and finally how can I make the LAN able to access it all..

Thanks for your time..

/Daniel Frederiksen

On Tue, Aug 16, 2005 at 06:11:26AM +0200, Daniel Frederiksen
wrote:
> Ok folks, here goes..
> 
> I have been boggling with a problem for the past week, and still
haven''t
> found a solution..
> 
> I''m trying to route traffic from two providers through a Linux
machine.
> But that is not the problem. The ISP''s have provided me with a WAN
IP
> class for both of the lines, to be routed into a DMZ where the machines 
> a to respond to their respective designated WAN IP on both lines.
> Every machine on the DMZ has two IP''s one on each ISP WAN Class.
> 
> I think I''ll better draw a map:
> 
> 
>       WAN1(eth2), WAN2(eth3)
>            ---------                             (eth0)
>            |       |-----\                     ----------
>            |  DMZ  |---\  \                /---|  ISP1  |-----
>            ---------    \  \              /    ----------     \
>                          \  \            /                     \
>                          -----------------
>                          |  Linux GW/FW  |                     WWW
>                          -----------------
>                          /               \       (eth1)        /
>            ---------    /                 \    ----------     /
>            |  LAN  |---/                   \---|  ISP2  |-----
>            ---------                           ----------
>               NAT(eth4)
> 
> 
> The DMZ has two WAN IP classes routed from the ISP.
> 
> The thing I just can not figure out is how to make the respective WAN IP 
> from the DMZ route out the right ISP link, and the right request from 
> the ISP route into the DMZ.
> 
> .. and finally how can I make the LAN able to access it all..
you need to use ip ru

my ip ru looks like 
0:      from all lookup local 
200:    from 141.168.16.16 lookup cable 
201:    from 220.233.15.63 lookup adsl 
32766:  from all lookup main 
32767:  from all lookup default 

I created 200 and 201 which means that all traffic that came in on the
cable 141.168.16.16 will go out the cable

ip ro sh tab cable
192.168.11.0/24 dev br0  scope link 
192.168.10.0/24 dev eth3  scope link 
192.168.9.0/24 dev eth4  scope link 
default via 141.168.16.1 dev eth0  src 141.168.16.16  metric 30 


and the routing tab for the adsl uses the adsl as its default gw.

does that help ?

> 
> Thanks for your time..
> 
> /Daniel Frederiksen
> 
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> 

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc