I have both cable and dsl service. The router attached to the cable service is 192.168.0.1 and the router attached to the dsl service is 192.168.0.254. I determine which service my computers communicate through by setting the gateway assignment to either of those addresses and it just works. I can connect to my computers from the outside by port forwarding from my routers to the computer that I want to connect to. However, the outside ssh connection works only if the computer's gateway assignment matches the router that I'm connecting to. I suspect that I have to set up some sort of routing assignment to tell the computer to reply to the gateway that the ssh connection request came in on if it doesn't match the current gateway assignment, but I have no idea how to do that. -- MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
Gordon Messmer
2014-Nov-10 22:35 UTC
[CentOS] outside ssh connection from two different ISP's
On 11/10/2014 02:11 PM, Frank Cox wrote:> However, the outside ssh connection works only if the computer's gateway assignment matches the router that I'm connecting to. I suspect that I have to set up some sort of routing assignment to tell the computer to reply to the gateway that the ssh connection request came in on if it doesn't match the current gateway assignment, but I have no idea how to do that.What you're describing is multi-homing, and it's fairly complex. You'll need to 1) create routing tables for each ISP, 2) mark incoming NEW connections based on the MAC of the router that forwarded the new connection, and 3) create ip rules to associate a connection with the correct routing table. This article partially covers what you need to do, and might get you started: https://blogs.oracle.com/networking/entry/advance_routing_for_multi_homed You might also consider using Shorewall to manage the tables and rules rather than handling that yourself: http://shorewall.net/MultiISP.html
Jack Bailey
2014-Nov-10 22:38 UTC
[CentOS] outside ssh connection from two different ISP's
On 11/10/2014 2:11 PM, Frank Cox wrote:> I have both cable and dsl service. The router attached to the cable service is 192.168.0.1 and the router attached to the dsl service is 192.168.0.254. I determine which service my computers communicate through by setting the gateway assignment to either of those addresses and it just works. > > I can connect to my computers from the outside by port forwarding from my routers to the computer that I want to connect to. > > However, the outside ssh connection works only if the computer's gateway assignment matches the router that I'm connecting to. I suspect that I have to set up some sort of routing assignment to tell the computer to reply to the gateway that the ssh connection request came in on if it doesn't match the current gateway assignment, but I have no idea how to do that. >I also have two ISPs at home. I have a Peplink to manage this now, but before that I some commands in rc.local. I had two networks and two NICs on my workstation. This used to work on CentOS 6. ############################## # symetric routing # ############################## NIC1=eth0 IP1=192.168.1.6 GW1=192.168.1.1 NET1=192.168.1.0/24 NIC2=eth1 IP2=192.168.2.6 GW2=192.168.2.1 NET2=192.168.2.0/24 DEFGW=$GW2 cat << EOF > /etc/iproute2/rt_tables # # reserved values # 255 local 254 main 253 default 0 unspec # # local # #1 inr.ruhep # symetric routing 101 T1 102 T2 EOF # routing and default gateway for each interface ip route add $NET1 dev $NIC1 src $IP1 table T1 ip route add default via $GW1 table T1 ip route add $NET2 dev $NIC2 src $IP2 table T2 ip route add default via $GW2 table T2 # regular routes ip route add $NET1 dev $NIC1 src $IP1 ip route add $NET2 dev $NIC2 src $IP2 # preference for default route route delete default ip route add default via $DEFGW # rules ip rule add from $IP1 table T1 ip rule add from $IP2 table T2 # enable routing echo 1 > /proc/sys/net/ipv4/ip_forward Good luck, Jack