* [LARTC] multihome network problem
@ 2005-06-28 9:14 Lorenzo Grio
0 siblings, 0 replies; 2+ messages in thread
From: Lorenzo Grio @ 2005-06-28 9:14 UTC (permalink / raw)
To: lartc
My firewall's configuratione is like this:
|-FW--------------------|
| eth0 - LAN |
| IP1_ISP1 - eth1 |
| IP1_ISP2 - eth2 |
|-----------------------|
I have configured firewall as specified on
http://lartc.org/howto/lartc.rpdb.multiple-links.html and all works ok,
except for connections between my firewall and other hosts of "other" ISP.
Example:
I have two DNS with public ip adddresses, one for each ISP:
|-DNS1------------|
| IP2_ISP1 - eth0 |
|-----------------|
|-DNS2------------|
| IP2_ISP2 - eth0 |
|-----------------|
Ping from DNS1 to IP1_ISP1 of FW is ok (response from eth1 of FW).
Ping from DNS1 to IP1_ISP2 of FW fails (response from eth1 of FW).
Ping from DNS2 to IP1_ISP1 of FW fails (response from eth2 of FW).
Ping from DNS2 to IP1_ISP2 of FW is ok (response from eth2 of FW).
This is "normal" because packets return to DNS from "the right"
interface, but in this case packets should retrun from incoming interface.
How can I solve this problem?
Thanks in advance.
Lorenzo.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [LARTC] multihome network problem
@ 2005-07-05 10:40 Lorenzo Grio
0 siblings, 0 replies; 2+ messages in thread
From: Lorenzo Grio @ 2005-07-05 10:40 UTC (permalink / raw)
To: lartc
Sorry for delay in this response.
I have just sent to you my working iproute/iptable config.
I have also host connected to eth0 and all works ok, but remember that
every host must have two ip address, one for each ISP.
Daniel Wittenberg ha scritto:
> I've been having some issues with this kind of setup, and was curious if
> you'd mind sharing your iproute/iptables config that makes this work? I
> had this working a few years ago, but something has broken and for the
> life of me can't find any reason why :( (and yes have read the lartc
> pdf). Also, do you have hosts connected to eth0 that are accessed (via
> nat) from both ISP connections? That's where my biggest problem comes
> from. Any help appreciated!
>
> Dan
>
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-07-05 10:40 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-06-28 9:14 [LARTC] multihome network problem Lorenzo Grio
-- strict thread matches above, loose matches on Subject: below --
2005-07-05 10:40 Lorenzo Grio
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.