From: "Cristiano Soares" <stillnick2@terra.com.br>
To: lartc@vger.kernel.org
Subject: [LARTC] setup fail-over with redhat9...
Date: Wed, 07 Apr 2004 17:36:45 +0000 [thread overview]
Message-ID: <003501c41cc6$e604c0b0$6400a8c0@stillnicks> (raw)
[-- Attachment #1: Type: text/plain, Size: 3777 bytes --]
Hi. Im now decribeing my problem very clearly to see if anyone could help me.
I have 3 (three) nics in my system.
1 is for my internet network - (eth1)
2 are for my 2 adsl lines that i use to connect to the internet (eth2 is my "master" adsl line) and (eth0 is my "slave" adsl line).
I know that to make redundance work ill have to setup the ip route and ip rule in my system. To do that, i found a bash script called "NETSANE - http://muse.linuxmafia.org/netsane/". I have to change somethings like interface of the first and second lines in netsane.conf. So, i did all the changes needed. Looking good so far, i can ping outside sites the both eth2 and eth0 doing "ping -I eth# www.kernel.org", i dont have a "default route" and etc.
Ok, now goes the worse part. I cant MASQUERADE the connection to my internal network, and even if i could, will redundance work if the first interface fails? I dont think so. Because i tried a normal ping (ping www.kernel.org) and it always goes through eth2, even the i unplug the adsl line from the router/modem to simulate a down link.
I believe that should be an IPTABLES configuration to make NAT work with redundance, not the usual below:
#!/bin/sh
IPTABLES=/sbin/iptables
#All The lines below are NAT routing
# flush any old rules
$IPTABLES -F -t nat
# turn on NAT (IP masquerading for outgoing packets)
$IPTABLES -A POSTROUTING -t nat -o eth0 -j MASQUERADE
# enable IP forwarding (of incoming packets)
echo 1 > /proc/sys/net/ipv4/ip_forward
Im using the rc.firewall-2.4 right now, and it clearly doesnt work with redundance.
Here is my network.
LAN
_/\__/\_ +---+----+ _/\___/\_
/ \ (eth2) - 192.168.1.200 (GTW-192.168.1.1) | | (eth0) - 192.168.0.200 (GTW-192.168.0.254) / \
( Router1 )------------------------------------------------+ Linux box + ----------------------------------------------------------( Router 2 )
\_ __ _ / | | \ _ __ _ /
\/ \/ +----+---+ \/ \/
| |
(eth1) - 192.168.2.1
--------------------
| |
| LAN |
|Ex:192.168.2.20 |
| 192.168.2.21... |
-----------------------------
Sites I tried: http://lartc.org/howto/lartc.rpdb.multiple-links.html
http://www.ssi.bg/~ja/nano.txt
THANKS A LOT
[-- Attachment #2: Type: text/html, Size: 13180 bytes --]
next reply other threads:[~2004-04-07 17:36 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-07 17:36 Cristiano Soares [this message]
2004-04-08 6:58 ` [LARTC] setup fail-over with redhat9 Damion de Soto
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='003501c41cc6$e604c0b0$6400a8c0@stillnicks' \
--to=stillnick2@terra.com.br \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.