similar to: Applications running on the Firewall (MultiISP)

Dear list, Shorewall is running here with 2 ISP''s: ISP1: corporate ADSL-line with fixed set of IP''s ISP2: fast consumer-grade cable-connection with higher bandwidth All our main traffic (web, e-mail) is routed trough ISP1. Only for special purposes (frequent large ftp-transfers) ISP2 is used, configured trough tcrules. ISP2 is not so reliable as ISP1 (duh) and they sometimes

Hi all I have been working with Shorewall connected to two ISPs lately, and I would like to suggest a couple of improvements to the MultiISP.html documentation page. I followed the examples in that page (but the legacy setup and the USE_DEFAULT_RT one), but I had problems with locally (by the firewall) generated packets: I wanted them to go out using only one ISP, but if I use a tcrules rule to

I have an application which uses send_file to send a ZIP file to the client. This works nicely when it''s run on our development OS-X boxes, using mongrel from script/server, but on our production server, using mongrel behind Apache 2.2. with mod_proxy_balancer, the client gets 1 byte delivered :-( If I use wget -S to the URL in order to see the full headers I see this on

Hi, is it possible to have 2 different ISP in one server? i have 2 NIC cards im going to config ISP1 in NIC1 and ISP2 in NIC2? what should be the configuration for this setup? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20070412/4c62019f/attachment-0004.html>

Hi all and specially Mr. Tom.... (Please, do not be acid with me please! I am only a newbie, trying learn more about shorewall) I get involved with a Firewall Project in a customer here in my city... In this customer, he has two Internet Providers. So, he ask me how make certain connection following one routing path (like RT_1) and others connections type, following the other routing path

Hello, Thanks for the great Shorewall which has replaced my hard to maintain home-made scripts. First, what works. Our local network is 10.48.X.X with multiple vlan, each on a dedicated interface. We use Shorewall 4.4.11 from Debian Squeeze. We have a 2 ISP: - isp1 : an optical fiber provider with 10 Mbps. - isp2 : a DSL provider with 15Mbits/1Mbits. We use isp2 as the default outgoing

hi all, i have this situation: isp1 | dmz ----- FW linux ----- isp2 |----------------------------------- vpn concentrator ----- various ipsec lan-2-lan | LAN In lan i have "pc zone" and "server zone", same network. Dmz and server zone browse internet through isp1, lan use isp2, and remote

Hi, I am migrating from one ISP to another, and would like to run both simultaneously for a while. So: (both netmask 255.255.255.248) [ISP1] 24.106.62.180 [ISP2] 209.181.237.230 | | | | \ / -----[ HUB ]----- | | -------- eth0 --------- | Linux FW/Server | ---------eth1 --------- | | [ HUB ] | 10.0.0.x/255.255.255.0 The default IP on

I recently moved an app. from lighttpd + fastcgi to apache 2.2 + mod_proxy_balancer + Mongrel. On lighttpd, I was using basic authentication with a configuration like this: auth.backend = "htpasswd" auth.backend.htpasswd.userfile = "/path/to/htpasswd" auth.require = ("/" => ("method" => "basic", "realm" => "My

I''m planning a multi isp setup and cafully read the documentation. One thing that bothers me is the masq file. The example uses a single ip address on each public interface. I have multiple addresses on both public interfaces (16 on one and 64 on the other). I''m a bit confused about what to put in the masq file in this situation. Any insights would be appreciated. Ronald --

Hi there. Currently, our network design has two ISP lines and 3 subnets for LAN. Below are some details :- eth0 - isp1 eth1 - isp2 eth2 - subnet1 eth3 - subnet2 eth4 - subnet3 What i wanted to do is to assign incoming port 80 to our local squid server running on the firewall itself and assigned it to eth0(ISP1). I think it shouldnt be a problem as /etc/shorewall/rules provides a sample of the

I have a server, server A, with three NICs: two to the Internet via separate ADSL modems, and one to the LAN. The two ''net'' interfaces are configured as described at http://www.shorewall.net/MultiISP.html. This has been working for a number of months. I am now testing an OpenVPN link between server A and another (currently single-ISP) server (server B). I can establish the VPN

Hi all, I have managed to setup a Fedora 7 box with 3 ethernet cards and two ADSL modem/routers from different suppliers as LARTC recommends. I am able to direct traffic for specific internal IPs either to one or the other ADSL line. However, I am faced with two problems I am struggling for the solution: 1. I have opened a few ports on the ADSL router/firewalls to talk to internal hosts; say when

Hello everybody: Here is my "network layout": ISP1 ISP2 | | | | +-----eth0---------eth1------+ | | | FC 3 box | | | +-----eth2---------eth3------+ |

There is a big difference if you are not running a pure rails site. I am doing auth apache-side because I serve static content, perl scripts via cgi and feed the mongrel pack from Apache. The REMOTE_USER variable value can be passed to rails using a technique described deep down in one of the informative pieces on the Mongrel website. Bill On Mon, 12 Mar 2007 17:54:07 -0700, Matte Edens wrote:

Hi; I have two dsl lines, which the low bandwidth connection(ISP2) is only used for failover. My setup is showed below; \ ISP1 \ / \ ____/NAT My internal net |-----|___| / \NAT / \ / ISP2 However, my interfaces which these lines are connected are both

Below is a snippet from my firewall script isp1_ip="xx.0.5.20" isp1_gw="xx.0.5.1" isp1_net="xx.0.5.0/28" isp1_if="eth2" isp2_ip="xx.182.19.88" isp2_gw="xx.182.19.1" isp2_net="xx.182.19.0/28" isp2_if="eth3" lo_ip="127.0.0.1" lo_if="lo" lo_net="127.0.0.1/8"

Below is a snippet from my firewall script isp1_ip="xx.0.5.20" isp1_gw="xx.0.5.1" isp1_net="xx.0.5.0/28" isp1_if="eth2" isp2_ip="xx.182.19.88" isp2_gw="xx.182.19.1" isp2_net="xx.182.19.0/28" isp2_if="eth3" lo_ip="127.0.0.1" lo_if="lo" lo_net="127.0.0.1/8" ip rule delete

Hi, I got a problem with iproute and shorewall but I don''t know where the real problem is yet, perhaps someone can shed any light on this one. What we currently do is route all traffic coming from a specific host through our second isp''s nat router. This is done via SNAT on our own router. /etc/shorewall/masq: eth2 $INTERNALHOSTA 192.168.0.142 We now

ok i will do it in text: 66.92.114.46 eth0 209.141.2.194 eth1 192.168.119.101 eth2 192.168.120.101 eth3 What i have is a linux box RH7.3 which will eventually run Shorewall Firewall. On this box there is eth0 66.92.114.46 conneted to isp1 and eth1 209.141.2.194 connected to isp2 It also has eth2 192.168.119.101 and eth3 192.168.120.101 which will connect to a failover appliance which has 2 wan