On 05/16/2011 01:52 PM, Red Baron wrote:> I am wanting to verify that I am properly using the MASQ for a series of
> hosts. I have 2 providers, and my providers file has the contents:
>
> #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY
> OPTIONS COPY
> l3 1 100 main eth0.100 1.18.139.1
> track,loose,fallback eth1
> ws 2 200 main eth0.101 1.155.136.193
> track,balance eth1
> #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
>
>
>
> I have a host with internal IP address 172.16.5.254, that I have NAT
> inbound IP''s on both ISP''s to, and want to make sure that
outbound
> replies with the same IP.
>
>
> My MASQ file is where I address this, with the following:
>
> #INTERFACE SUBNET ADDRESS PROTO PORT(S)
> IPSEC
> eth0.100 172.16.5.254 1.18.139.7
> eth0.101 172.16.5.254 1.155.136.199
> #Catch All Masq
> eth0.100 !1.18.139.0/26 1.18.139.2
> eth0.101 !1.155.136.192/26 1.155.136.194
> #LAST LINE
>
>
> Is this proper use of MASQ?
The first two are unnecessary since they are included in the second two.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Achieve unprecedented app performance and reliability
What every C/C++ and Fortran developer should know.
Learn how Intel has extended the reach of its next-generation tools
to help boost performance applications - inlcuding clusters.
http://p.sf.net/sfu/intel-dev2devmay