Ronald Wiplinger
2003-Feb-17 23:59 UTC
[Shorewall-users] Two Internet connection possible?
I have two ADSL lines and an Internal LAN. I want: eth0: ADSL-1 got 8 IP, but only one is used for the Linux box eth1: ADSL-2 got 1 IP only eth2: waiting for ADSL-3 ;-) eth3: Internal LAN 192.168.x.x I use now: eth0: ADSL-1 got 8 IP, but only one is used for the Linux box eth1: free eth2: free eth3: Internal LAN 192.168.x.x Internal LAN has a small ADSL router, which does not DHCP, but NAT to the same IP space. I can reach all computers on the Internal LAN. I can reach from each internal computer via ADSL router the Internet. I can reach from the Internet the servers (one of them is the Linux box with the 4 port LAN card). This Linux server also provides DHCP with the gateway. In addition I have IPv6 on the ADSL-1, but would like to have IPv6 via ADSL-2. At this time, I just want to kick out this ADSL router and do the same with the four port cards. After successfully done this, I would like to start with static routing to the two providers, and later with zebra update the static routes frequently. Can I do that with Shorewall ??? bye Ronald -- Open WebMail Project (http://openwebmail.org)
Ronald Wiplinger wrote: > In addition I have IPv6 on the ADSL-1, but would like to have IPv6 via ADSL-2. Shorewall doesn''t support IPV6. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
Ronald Wiplinger
2003-Feb-18 14:14 UTC
[Shorewall-users] Two Internet connection possible?
Tom Eastep wrote:> Ronald Wiplinger wrote: > > > In addition I have IPv6 on the ADSL-1, but would like to have IPv6 > via ADSL-2.OK, .... ... and what is the answer to the rest to the subject? Thanks!> > Shorewall doesn''t support IPV6. > > -Tom-- Ronald Wiplinger (CEO of ELMIT) http://www.elmit.com +886 (0) 915 653-452 - I''m a SpamCon Foundation Member, #694, Verify it at http://www.spamcon.org PS: Spam prevention! Our system is protected with a spam prevention program. If you send us an e-mail, our system will send you a confirmation message back. Just reply to this confirmation message please. After receiving this confirmation message, our system will send the hold message (one) and all future messages (after the received confirmation message) to me without asking you again.
Ronald Wiplinger wrote:> Tom Eastep wrote: > >> Ronald Wiplinger wrote: >> >> > In addition I have IPv6 on the ADSL-1, but would like to have IPv6 >> via ADSL-2. > > > > OK, .... > > ... and what is the answer to the rest to the subject? > > Thanks!With the exception of the IPv6 requirement, I believe that Shorewall can be part of a solution to your problem. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
Ronald Wiplinger wrote: > > > How to setup for this task? > In Shorewall, you simply define your ''net'' zone with multiple interfaces (one for each ISP). If you are using masquerade or SNAT, you will need to define it for each of these external interfaces as well. Start with http://www.shorewall.net/shorewall_quickstart_guide.htm -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net