LARTC - Jul 2004 - Help with dual internet connection

I have 2 connections to the internet.
1 is an ADSL the other is a 3MB link over satellite.

This is a portion of my firewall script

ip route flush table 3 2> /dev/null
ip rule delete table 3 2> /dev/null
ip route add table 3 127.0.0.0/8 dev lo scope link
ip route add table 3 89.0.0.0/8 dev eth0 scope link
ip rule add fwmark 3 table 3
ip route add table 3 default via $isp2_ip dev eth3
ip route flush cache
iptables -t mangle -A PREROUTING -p tcp -s $ip_set2 --dport $http -j MARK
--set-mark 3
iptables -t mangle -A PREROUTING -p tcp --dport $ftp -j MARK --set-mark 3
iptables -t nat -A POSTROUTING -o $isp1_if -j SNAT --to-source $isp1_ip
iptables -t nat -A POSTROUTING -o $isp2_if -j SNAT --to-source $isp2_ip
iptables -A FORWARD -i $lan_if -j ACCEPT
iptables -A INPUT -p ALL -d $isp2_ip -m state --state ESTABLISHED,RELATED -j
ACCEPT
iptables -A INPUT -p ALL -d $isp1_ip1 -m state --state ESTABLISHED,RELATED
-j ACCEPT

Http & ftp works fine but if link1 is down only http works. Why is this?
Is there a proper/different way to setup internet access over 2 isp?
I need to route mail from the second isp to my mail server is the DMZ?




Gareth Segree
mailto:Gareth.Segree@gleanerjm.com <mailto:Gareth.Segree@gleanerjm.com> 
Technical Support Analyst
The Gleaner Company Ltd.
7 North Street
Kingston
Tel: 922-3400

> I have 2 connections to the internet.
> 1 is an ADSL the other is a 3MB link over satellite.
> 
> This is a portion of my firewall script
> 
> ip route flush table 3 2> /dev/null
> ip rule delete table 3 2> /dev/null
> ip route add table 3 127.0.0.0/8 dev lo scope link
> ip route add table 3 89.0.0.0/8 dev eth0 scope link
> ip rule add fwmark 3 table 3
> ip route add table 3 default via $isp2_ip dev eth3
> ip route flush cache
> iptables -t mangle -A PREROUTING -p tcp -s $ip_set2 --dport $http -j MARK
> --set-mark 3
> iptables -t mangle -A PREROUTING -p tcp --dport $ftp -j MARK --set-mark 3
> iptables -t nat -A POSTROUTING -o $isp1_if -j SNAT --to-source $isp1_ip
> iptables -t nat -A POSTROUTING -o $isp2_if -j SNAT --to-source $isp2_ip
> iptables -A FORWARD -i $lan_if -j ACCEPT
> iptables -A INPUT -p ALL -d $isp2_ip -m state --state ESTABLISHED,RELATED
> -j ACCEPT
> iptables -A INPUT -p ALL -d $isp1_ip1 -m state --state ESTABLISHED,RELATED
> -j ACCEPT
> 
> Http & ftp works fine but if link1 is down only http works. Why is
this?
> Is there a proper/different way to setup internet access over 2 isp?
> I need to route mail from the second isp to my mail server is the DMZ?
> 
> 
> 
> 
> Gareth Segree
> mailto:Gareth.Segree@gleanerjm.com
<mailto:Gareth.Segree@gleanerjm.com>
> Technical Support Analyst
> The Gleaner Company Ltd.
> 7 North Street
> Kingston
> Tel: 922-3400
>