similar to: Multipath routing + traffic separation problem.

Hi all, I''ve a routing problem. I''m setting up a router based on debian (kernel 2.4). I need to setup routing to export an ftp service (ftp server is in dmz) to 2 wan (both). I setup prerouting ad forward rule with no problem. The problem is that reply packet use default gateway (default wan) even though they are enter using the other wan. I solved it marking packets in input

Hi, I have a linux box which balances load between two interfaces ( say WAN1 and WAN2). I have masquerading on for any request coming from LAN to the outside world. The setup is in such a way that WAN1 drops packets with source ip belonging to WAN2''s network and viceversa. For some strange reason, I find that packet coming out from the WAN interface has source address of WAN2 and

Hi Tom (and others) encase you don''t know my network already ;) here''s a quick run down eth0 lan 192.168.1.1/255.255.255.0 eth1 wan1 172.30.7.4/255.255.240.0 eth2 wan2 202.37.230.93/255.255.255.192 eth3 wan3 203.96.213.73/255.255.254.0 I''ve got routes and rules for all the above interfaces :) I want to add another one, however I fear this might cause some issues I have

I am developing load balancing router, But I have a question about fail over. The follow diagram is my test environment and scripts. ------------------------------------------------------------------- Environment Setting PC1(192.168.10.2) | (LAN) | PC2-eth2(192.168.10.1) +

Hi There is a Centos 7 up-to-date box with 2 interfaces, let's say 192.168.1.12 - enp2s0, 192.168.1.13 on enp3s0. Default gateway on enp2s0. The gateway is pfsense, IP is 192.168.1.1 with 2 WAN connections On the gateway the outgoing traffic is routed by source ip to different WAN, 192.168.1.12 to WAN1 and 192.168.1.13 to WAN2 On the centos box are set all the route and routing rules:

Ok folks, here goes.. I have been boggling with a problem for the past week, and still haven''t found a solution.. I''m trying to route traffic from two providers through a Linux machine. But that is not the problem. The ISP''s have provided me with a WAN IP class for both of the lines, to be routed into a DMZ where the machines a to respond to their respective

I have tried using iptraf for my NAT firewall to analyse the IP traffic. Basically I am faced with this difficulty of related the source IP to the outgoing interface to the internet, so I am wondering if anyone has a suggestion for a different ways to do it, or a suggestion for a better tool. Details :- Supposed : eth0 - LAN eth1 - WAN1 eth2 - WAN2 And then

Hello folks.. Does any of you know if it is possible to rewrite the ip src in a packet. I have a problem involving a DMZ with external IP addresses routed trough a single WAN IP. When the server initiates a connection, it looks like it comes from the WAN ip instead of it''s designated External IP routed through the WAN. So in short, Is it possible to rewrite the packet in the router,

Hi, I''ve been implementing a load balancing solution using CONNMARK, based on solution described by Luciano Ruete at [1]. Gracias por el post y por apuntar en la dirección correcta Luciano! Once implemented, I''ve found that due to some reason packets aren''t properly marked (or improperly remarked) and sent out using the wrong interface. My topo setup is:

Hi, this is my first post to the list. I have googled a lot, and still cannot find a proper solution. I hope someone here will be able to shed some light on my doubts. I have set up a firewall using kernel 2.6.15 (Debian) that does NAT for 100 clients, and uses two different ISPs, using the howto found at http://lartc.org/howto/lartc.rpdb.multiple-links.html. I have *not*

IMHO, i believe that it would be more realistic to have one router providing load balancing/dead gateway to one/several subnet(s). otherwise, each server/user would have to do their own load balancing for each subnet! that, or you would need 3 routers, one for each subnet and a linux router doing the load balancing in the middle. with 3 routers, the load balancing configurations

Hi, I have searched the archives on the topic, and it seems that the list gurus favor load balancing to be done in the kernel as opposed to other means. I have been using a home-grown approach, which splits traffic based on `-m statistic --mode random --probability X`, then CONNMARKs the individual connections and the kernel happily routes them. I understand that for > 2 links it will become

Background: WAN1 - Fixed IP low latency, low jitter WAN2 - Fixed IP medium latency, higher jitter than I like for good VoIP Firewall/Router not SIP aware NATed LAN Asterisk on server located on LAN. Most, but not all ATA/IP phones on LAN In the past I was running a v1.2 Asterisk which acted as a B2BUA (all RTP streams relayed through Asterisk server) thus presenting only one SIP device to the

Hello, I''m trying to setup an 8 port wan configuration (pptp+pppoe) with one vlan trunk. My internal networks are : LAN(eth9): 10.0.0.0/16 VLAN10(eth9) 10.10.0.0/24 VLAN20(eth9) 10.20.0.0/24 VLAN30(eth9) 10.30.0.0/24 VLAN100(eth9) 10.100.0.0/24 I would like to post my configuration here since i don''t success to do the following: 1. Communicate between VLANxx to LAN

-----Original Message----- From: Salim S I [mailto:salim.si@cipherium.com.tw] Sent: Thursday, May 10, 2007 5:22 PM To: ''Francis Brosnan Blazquez'' Subject: RE: [LARTC] Load balancing using connmark "I think the main advantage of shorewall solution is that it applies connmark to incoming packets from the wan as you point, leaving load balancing to outgoing connections to the

> Message: 2 > Date: Fri, 03 Dec 2004 10:10:35 +1300 > From: Paul <lists@loudas.com> > Subject: [Shorewall-users] another network to add > To: Shorewall List <shorewall-users@lists.shorewall.net> > Message-ID: <41AF84CB.5080304@loudas.com> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Hi Tom (and others) > encase you

Hello, I am thinking of connecting a Shorewall Firewall to three different ISPs and load balancing some but not all connections. Just asking for some advice for now. Here''s the network layout: ISP1 ISP2 ISP3 ADSL Router 1 ADSL Router 2 ADSL Router 3 | | | FW:eth0 FW:eth1 FW:eth2

Hi, You can define your default gateway in "/etc/sysconfig/network" file, GATEWAY="192.168.1.1" After that, restart network services. # systemctl restart network --Regards Ashishkumar S. Yadav On Mon, Aug 8, 2016 at 4:35 PM, Levente Birta <blevi.linux at gmail.com> wrote: > Hi > > There is a Centos 7 up-to-date box with 2 interfaces, let's say >

Dear tinc members! Recently I ran into some problems when trying to test the new tinc 1.1 builds under windows. The main problem is that the tincd daemon randomly hangs (usually in first 1-3 minutes after start). Sometimes it happens quietly, and the log does not display anything. But from time to time, there are bunch of decryption errors ("Error while decrypting: error:06065064:digital

Hi all, I''ve been using shorewall 3 (3.4.8 now) for a while on a simple gateway setup for my office. Routing is enabled only for a few hosts and all user access the internet thru squid, which is running on the shorewall box. I have a few other services on this box and some others on another server, but they don''t matter for what I need. Quick and dirty schematics to illustrate