My firewall's configuration is like this:

|-FW--------------------|
| eth0 - LAN            |
| IP1_ISP1 - eth1       |
| IP1_ISP2 - eth2       |
|-----------------------|

I have configured the firewall as specified on http://lartc.org/howto/lartc.rpdb.multiple-links.html and all works ok, except for connections between my firewall and other hosts of the "other" ISP.

Example: I have two DNS with public IP addresses, one for each ISP:

|-DNS1------------|
| IP2_ISP1 - eth0 |
|-----------------|

|-DNS2------------|
| IP2_ISP2 - eth0 |
|-----------------|

Ping from DNS1 to IP1_ISP1 of FW is ok (response from eth1 of FW).
Ping from DNS1 to IP1_ISP2 of FW fails (response from eth1 of FW).
Ping from DNS2 to IP1_ISP1 of FW fails (response from eth2 of FW).
Ping from DNS2 to IP1_ISP2 of FW is ok (response from eth2 of FW).

This is "normal" because packets return to DNS from "the right" interface, but in this case packets should return from the incoming interface. How can I solve this problem?

Thanks in advance.
Lorenzo.
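The four ping results above can be reproduced with a small model of the Linux rule and table lookup. This is an added example, not part of the thread or of the LARTC HOWTO. It assumes each DNS host sits in the same subnet as the firewall's address at that ISP, and that each per-ISP table (T1, T2) may also hold the connected route to the other ISP's subnet; all addresses are constructed from documentation ranges.

```python
import ipaddress

# Constructed addressing (documentation ranges), not taken from the post.
ISP1_NET, ISP2_NET = "198.51.100.0/24", "203.0.113.0/24"
FW = {"eth1": "198.51.100.10", "eth2": "203.0.113.10"}   # IP1_ISP1, IP1_ISP2
DNS1, DNS2 = "198.51.100.53", "203.0.113.53"              # IP2_ISP1, IP2_ISP2

def build_tables(cross_routes):
    """Per-ISP tables T1/T2; cross_routes adds the other ISP's connected subnet (assumption)."""
    t1 = [(ISP1_NET, "eth1"), ("0.0.0.0/0", "eth1")]
    t2 = [(ISP2_NET, "eth2"), ("0.0.0.0/0", "eth2")]
    if cross_routes:
        t1.append((ISP2_NET, "eth2"))
        t2.append((ISP1_NET, "eth1"))
    main = [(ISP1_NET, "eth1"), (ISP2_NET, "eth2"), ("0.0.0.0/0", "eth1")]
    return {"T1": t1, "T2": t2, "main": main}

# Rules in priority order: (source selector, table), as in "ip rule add from <addr> table <T>".
RULES = [(FW["eth1"], "T1"), (FW["eth2"], "T2"), (None, "main")]

def lookup(table, dst):
    """Longest-prefix match inside one table; returns the egress device or None."""
    dst = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), dev) for p, dev in table
            if dst in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def egress(tables, src, dst):
    """Walk the rules in order; the first selected table with a matching route decides."""
    for selector, name in RULES:
        if selector in (None, src):
            dev = lookup(tables[name], dst)
            if dev:
                return dev
    return None

def reply_report(cross_routes):
    """Per ping in the post: (device carrying the reply, does it own the source address)."""
    tables = build_tables(cross_routes)
    out = {}
    for peer_name, peer in (("DNS1", DNS1), ("DNS2", DNS2)):
        for dev, addr in FW.items():
            used = egress(tables, src=addr, dst=peer)  # reply is sourced from the pinged address
            out[(peer_name, dev)] = (used, used == dev)
    return out

if __name__ == "__main__":
    for cross in (True, False):
        print("cross routes" if cross else "no cross routes", reply_report(cross))
```

With the cross routes present, the more specific connected route wins over the table's default, so the reply leaves on the interface facing the destination; without them, each reply follows the default route of the table selected by its source address.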
Sorry for the delay in this response. I have just sent you my working iproute/iptables config. I also have hosts connected to eth0 and all works ok, but remember that every host must have two IP addresses, one for each ISP.

Daniel Wittenberg wrote:
> I've been having some issues with this kind of setup, and was curious if
> you'd mind sharing your iproute/iptables config that makes this work? I
> had this working a few years ago, but something has broken and for the
> life of me can't find any reason why :( (and yes have read the lartc
> pdf). Also, do you have hosts connected to eth0 that are accessed (via
> nat) from both ISP connections? That's where my biggest problem comes
> from. Any help appreciated!
>
> Dan