I have two ISP connections, and am having some issues. I can connect to any services on the firewall, like the smtp gateway, but anything on the internal server only works from one connection. The lartc guide has a good example for what to do for services on the box, but leaves it open for how to handle services on an internal host. I've tried using iptables to mark the packets incoming, but that doesn't seem to work.

    ip route add default via 1.1.1.254 table T1 dev eth0
    ip rule add from 1.1.1.2 table T1    # Real IP
    ip rule add from 1.1.1.3 table T1    # eth0:0 IP
    ip rule add from 1.1.1.4 table T1    # eth0:1 IP
    ip rule add fwmark 1 table T1

and similar for ISP connection #2, with:

    ip route flush cache

as the last part.

Any ideas on how to get connections through to the internal server from both ISPs?

    ISP #1 --
             \
              -- Linux Firewall -- internal server
             /
    ISP #2 --

Thanks,
Dan

Daniel Wittenberg wrote:
> I have two ISP connections, and am having some issues. I can connect to
> any services on the firewall, like the smtp gateway, but anything on the
> internal server only works from one connection.
>

I think we do what you're trying to achieve, but before I spend the time to dive into the details, let's confirm what you're looking to do: You have two upstream connections and separate public IP subnet allocations from each ISP, yes? You're not running BGP, right? You have a single Linux router that has three physical interfaces: one connects to ISP A, the next to ISP B and the third to the internal network, correct?

Let me know if I got all this right. If so then we run much the same setup here and I can tell you how we configured it (I do remember it took several days of reading kernel source code and tcpdump'ing to get it all working).

Sounds like you are right on track to what I've got. Dual-ISP, no BGP (DSL connections), and 3 interfaces, with at least a /28 on each ISP connection.

That would be great if you have any insight!

Dan

On Tue, 2005-10-11 at 17:58 -0600, David Boreham wrote:
> Daniel Wittenberg wrote:
>
> > I have two ISP connections, and am having some issues. I can connect to
> > any services on the firewall, like the smtp gateway, but anything on the
> > internal server only works from one connection.
> >
> I think we do what you're trying to achieve, but before I spend
> the time to dive into the details, let's confirm what you're looking to do:
> You have two upstream connections and separate public IP
> subnet allocations from each ISP, yes? You're not running BGP, right?
> You have a single Linux router that has three physical interfaces:
> one connects to ISP A, the next to ISP B and the third to the internal
> network, correct?
>
> Let me know if I got all this right. If so then we run much the
> same setup here and I can tell you how we configured it
> (I do remember it took several days of reading kernel
> source code and tcpdump'ing to get it all working).

> Any ideas on how to get connections through to the
> internal server from both ISPs?
>
>     ISP #1 --
>              \
>               -- Linux Firewall -- internal server
>              /
>     ISP #2 --

Looks like you have the same problems I had. Check if this works for you:

http://mailman.ds9a.nl/pipermail/lartc/2005q3/016832.html

Regards.

--
Homepage : http://geocities.com/arhuaco

The first principle is that you must not fool yourself
and you are the easiest person to fool.
     -- Richard Feynman.

I have the same problem with this, and I add some problem :-)

I have 2 ISPs, and get DHCP from them, and every 6 hours ISP B refreshes the IP, default gw, ns and every 8 hours ISP B refreshes the IP, default gw, ns, so I put 2 routers and 1 gw:

     modem          modem
       |              |
       | dhcp         | dhcp
     Router         Router
       | 10.1.1.1     | 10.2.2.2
       |              |
        \            /
         \          /
              gw
              |
              | 192.168.0.254
              |
         internal net

I have a route like at http://lartc.org/howto/lartc.rpdb.multiple-links.html

Is this too much, having 2 routers and more eth?