From: Mohan Sundaram <mohan.tux@gmail.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Problem with multiple ADSL lines
Date: Fri, 12 Oct 2007 03:33:32 +0000
Message-ID: <470EE83C.40602@vsnl.com>
In-Reply-To: <1196d7620710111354p5301336cue87ae26926a587ac@mail.gmail.com>
Kostas Flokos wrote:
> Hi all,
> I have managed to setup a Fedora 7 box with 3 ethernet cards and two
> ADSL modem/routers from different suppliers as LARTC recommends. I am
> able to direct traffic for specific internal IPs either to one or the
> other ADSL line. However, I am faced with two problems I am struggling
> for the solution:
>
> 1. I have opened a few ports on the ADSL router/firewalls to talk to
> internal hosts; say when someone hits http://myADSL1_IP I would redirect
> him to 192.168.0.10; while if someone hits
> http://myADSL2_IP I would redirect him to 192.168.0.20.
This is your ADSL router(s) config.
> If I have rules such as the following all works well:
> ip rule add from 192.168.0.10 table ADSL1_rules
> ip rule add from 192.168.0.20 table ADSL2_rules
These are rules on your linux machine to send traffic back on the same
link they came from.
> Unfortunately, if I want to do the reverse it does not work. I can't
> have a host prefer one ADSL line, but still receive traffic from the
> other ADSL line.
This can be done by switching the rule table above. Obviously NAT is
being used. However, this will break. You cannot initiate a connection
to one IP and match the reply or ack for that connection from another
IP. TCP/IP basics. Asymmetric routing works when no address translations
take place.
> It may sound weird, but I only want to have one host
> reply to any of the two IPs, either from ISP1 or ISP2. With the current
> configuration I can't. It works OK for the default ISP of the host, but
> I can't make it work for the other.
One way of doing this would be:
1. Set the routers to bridge mode.
2. Assign the ISP IPs to the NICs.
3. Source NAT rules use ISP1_IP and routing rule redirects it to link
connected to ISP2. Flip similarly for ISP1.
Let us hope your ISP2 does not filter out traffic having source outside
his subnet when it arrives from within.
Mohan
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
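
The cases discussed in this message, as an added Python model that is not part of the original post: replies leaving through the other NATing router, the bridge-mode SNAT workaround, and the ISP source-filter caveat. The addresses, client port and the names `reply_source`, `isp_passes` and `connect` are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed documentation-range values (assumptions, not from the thread).
ISP = {
    "ADSL1": {"ip": "198.51.100.10", "net": ip_network("198.51.100.0/24")},
    "ADSL2": {"ip": "203.0.113.20", "net": ip_network("203.0.113.0/24")},
}
CLIENT = ("192.0.2.55", 40000)


def reply_source(out_link, mode, snat_link=None):
    """Source IP the reply carries once it leaves the site.

    mode "router-nat": each ADSL router rewrites the source to its own
    public IP. mode "bridge-snat": the Linux box owns both ISP IPs and
    SNATs to the IP of snat_link, whichever link the packet leaves on.
    """
    if mode == "router-nat":
        return ISP[out_link]["ip"]
    if mode == "bridge-snat":
        return ISP[snat_link]["ip"]
    raise ValueError(f"unknown mode: {mode}")


def isp_passes(out_link, src_ip, source_filtering):
    """Egress source filter: an ISP may drop sources outside its own subnet."""
    return not source_filtering or ip_address(src_ip) in ISP[out_link]["net"]


def connect(in_link, out_link, mode, source_filtering=False):
    """Outcome of a client dialling in_link's IP when replies leave via out_link."""
    dialled = (ISP[in_link]["ip"], 80)
    sockets = {(CLIENT, dialled)}  # client's half-open connection (SYN sent)
    src_ip = reply_source(out_link, mode, snat_link=in_link)
    if not isp_passes(out_link, src_ip, source_filtering):
        return "dropped by ISP source filter"
    if (CLIENT, (src_ip, 80)) not in sockets:
        return "reset: reply from an address the client never dialled"
    return "established"


if __name__ == "__main__":
    for args in [("ADSL1", "ADSL1", "router-nat", False),
                 ("ADSL1", "ADSL2", "router-nat", False),
                 ("ADSL1", "ADSL2", "bridge-snat", False),
                 ("ADSL1", "ADSL2", "bridge-snat", True)]:
        print(args, "->", connect(*args))
```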