Split external requisitions between two internet connections

Split external requisitions between two internet connections

[Leonardo Marques]

Hi people,

I have a linux box which will have three ethernet interfaces:

eth0 connected with the LAN
eth1 connected with the internet across ISP1
eth2 connected with the internet acorss ISP2

So, i need do it:

All internet requisition for a external 80 port (http) go out to the
internet across the eth1, and all others requisions, for all others
external ports, go out to the internet across the other internet
connection (eth2).

How can I do it?

Thanks for all attention!
[]s
 
-- 
------------------------------
Leonardo Marques
http://www.analyx.org
------------------------------

Split external requisitions between two internet connections

[Leonardo Marques]

Hi people,

I have a linux box which will have three ethernet interfaces:

eth0 connected with the LAN
eth1 connected with the internet across ISP1
eth2 connected with the internet acorss ISP2

So, i need do it:

All internet requisition for a external 80 port (http) go out to the
internet across the eth1, and all others requisions, for all others
external ports, go out to the internet across the other internet
connection (eth2).

How can I do it?

Thanks for all attention!
[]s

--
------------------------------
Leonardo Marques
http://www.analyx.org
------------------------------

Re: Split external requisitions between two internet connections

[Edmundo Carmona]

I guess you have to use separate routing tables. You could mark
packets and then use a routing rule to set which route the traffic
could go through. (I had problems using masquerade with this... maybe
SNAT can do a better job).

On 8/16/05, Leonardo Marques <surf3r0@gmail.com> wrote:
> Hi people,
> 
> I have a linux box which will have three ethernet interfaces:
> 
> eth0 connected with the LAN
> eth1 connected with the internet across ISP1
> eth2 connected with the internet acorss ISP2
> 
> So, i need do it:
> 
> All internet requisition for a external 80 port (http) go out to the
> internet across the eth1, and all others requisions, for all others
> external ports, go out to the internet across the other internet
> connection (eth2).
> 
> How can I do it?
> 
> Thanks for all attention!
> []s
> 
> --
> ------------------------------
> Leonardo Marques
> http://www.analyx.org
> ------------------------------
> 
>

Multirouting 2 ISP with public addresses

[Wayne Alday]

List :

I have a similar setup to this gentleman:

eth0 connected with the LAN
eth1 connected with the internet across ISP1
eth2 connected with the internet acorss ISP2

Although I can find a thousand examples on how to do this with NAT, 
there doesnt seem to be anyone wanting to do it with real IP addresses, 
or not that I have found in 3 days of searching.

I read the following link :

http://lartc.org/howto/lartc.rpdb.multiple-links.html

Seems to be just what I need, except I do not wish to load balance or 
have servers avaiable everywhere, or have redundancy, but just for the 
box to do what i guess would be called source routing. My delimma is 
that living in a remote town bandwidth costs are moderate to high. I 
have a 6 meg bonded T-1 setup on a cisco 3640 router that we outgrew 
quickly. A DS-3 connection where I live would of cost nearly 15K / month 
because we live near no POP.So we put some fiber up, and needless to say 
we have 10 / mbit with the capability to turn it up as needed at a much 
cheaper cost. The problem is we are having to eat the monthly charges 
for our current bandwith and would like to utilize it for CPE. Im pretty 
sure with the research I have done that this is possible to put on our 
current linux router, but  I must be  missing a key somewhere, and I 
would like a fresh look on the problem.

Here is what I wish to do.

eth1 is connected to my 6mbit line thru the FE0/0 port on the 
router.(192.168.200.2)
eth2 is connected to the fiber transceiver to 10 mbit (192.168.252.2)
eth0 is connected to my lan. (12.150.243.129)

I have route statements in the 3640 that route ALL traffic for the 
public addresses thru a private subnet
ip route 12.37.169.0 255.255.255.0 192.168.200.2
ip route 12.150.225.0 255.255.255.0 192.168.200.2
ip route 12.150.243.128 255.255.255.224 192.168.200.2
ip route 12.150.243.160 255.255.255.240 192.168.200.2
ip route 12.150.243.176 255.255.255.240 192.168.200.2
ip route 12.150.243.192 255.255.255.192 192.168.200.2
ip route 12.175.45.0 255.255.255.128 192.168.200.2

The linux box in turn hands it off to various other parts and routers

What I would like to do is throw the following 4 Class C addresses onto 
eth2 and have them route according to what network.
70.158.60.0
70.158.61.0
70.158.62.0
70.158.63.0
For instance if I assign a CPE an Ip address in the 12.150 range, i wish 
for all that traffic to route out eth1 to the wireline
If I assign a CPE IP in the 70.158 ranges, I would like it to route out eth2

The router on the other side of the fiber net has the exact same routes 
for the 70.158 ranges as the ones on my wireline with the exception
they are routing to 192.168.252.2 instead of 192.168.200.2

Ive seen suggestions on marking packets, setting up 2 routing tables, 
and others, but i have had limited success on getting this going.

Could anyone provide some thoughts or input or an example? It would be 
greatly appreciated. If I havent been descriptive enough, will provide 
more details

Thanks in advance

--Wayne

Re: Multirouting 2 ISP with public addresses

[Leonardo Marques]

Hi Wayne,

Please send me this thousand examples wich you have about how to with NAT ;)

Thanks, for attention 

[]s

On 8/16/05, Wayne Alday <waynea@andycable.com> wrote:
> List :
> 
> I have a similar setup to this gentleman:
> 
> eth0 connected with the LAN
> eth1 connected with the internet across ISP1
> eth2 connected with the internet acorss ISP2
> 
> Although I can find a thousand examples on how to do this with NAT,
> there doesnt seem to be anyone wanting to do it with real IP addresses,
> or not that I have found in 3 days of searching.
> 
> I read the following link :
> 
> http://lartc.org/howto/lartc.rpdb.multiple-links.html
> 
> Seems to be just what I need, except I do not wish to load balance or
> have servers avaiable everywhere, or have redundancy, but just for the
> box to do what i guess would be called source routing. My delimma is
> that living in a remote town bandwidth costs are moderate to high. I
> have a 6 meg bonded T-1 setup on a cisco 3640 router that we outgrew
> quickly. A DS-3 connection where I live would of cost nearly 15K / month
> because we live near no POP.So we put some fiber up, and needless to say
> we have 10 / mbit with the capability to turn it up as needed at a much
> cheaper cost. The problem is we are having to eat the monthly charges
> for our current bandwith and would like to utilize it for CPE. Im pretty
> sure with the research I have done that this is possible to put on our
> current linux router, but  I must be  missing a key somewhere, and I
> would like a fresh look on the problem.
> 
> Here is what I wish to do.
> 
> eth1 is connected to my 6mbit line thru the FE0/0 port on the
> router.(192.168.200.2)
> eth2 is connected to the fiber transceiver to 10 mbit (192.168.252.2)
> eth0 is connected to my lan. (12.150.243.129)
> 
> I have route statements in the 3640 that route ALL traffic for the
> public addresses thru a private subnet
> ip route 12.37.169.0 255.255.255.0 192.168.200.2
> ip route 12.150.225.0 255.255.255.0 192.168.200.2
> ip route 12.150.243.128 255.255.255.224 192.168.200.2
> ip route 12.150.243.160 255.255.255.240 192.168.200.2
> ip route 12.150.243.176 255.255.255.240 192.168.200.2
> ip route 12.150.243.192 255.255.255.192 192.168.200.2
> ip route 12.175.45.0 255.255.255.128 192.168.200.2
> 
> The linux box in turn hands it off to various other parts and routers
> 
> What I would like to do is throw the following 4 Class C addresses onto
> eth2 and have them route according to what network.
> 70.158.60.0
> 70.158.61.0
> 70.158.62.0
> 70.158.63.0
> For instance if I assign a CPE an Ip address in the 12.150 range, i wish
> for all that traffic to route out eth1 to the wireline
> If I assign a CPE IP in the 70.158 ranges, I would like it to route out eth2
> 
> The router on the other side of the fiber net has the exact same routes
> for the 70.158 ranges as the ones on my wireline with the exception
> they are routing to 192.168.252.2 instead of 192.168.200.2
> 
> Ive seen suggestions on marking packets, setting up 2 routing tables,
> and others, but i have had limited success on getting this going.
> 
> Could anyone provide some thoughts or input or an example? It would be
> greatly appreciated. If I havent been descriptive enough, will provide
> more details
> 
> Thanks in advance
> 
> --Wayne
> 
> 


-- 
------------------------------
Leonardo Marques
http://www.analyx.org
------------------------------

Re: Multirouting 2 ISP with public addresses

[Alexander Samad]

[-- Attachment #1: Type: text/plain, Size: 4731 bytes --]

On Tue, Aug 16, 2005 at 05:33:49PM -0500, Wayne Alday wrote:
> List :
> 
> I have a similar setup to this gentleman:
> 
> eth0 connected with the LAN
> eth1 connected with the internet across ISP1
> eth2 connected with the internet acorss ISP2
> 
> Although I can find a thousand examples on how to do this with NAT, 
> there doesnt seem to be anyone wanting to do it with real IP addresses, 
> or not that I have found in 3 days of searching.
> 
> I read the following link :
> 
> http://lartc.org/howto/lartc.rpdb.multiple-links.html
> 
> Seems to be just what I need, except I do not wish to load balance or 
> have servers avaiable everywhere, or have redundancy, but just for the 
> box to do what i guess would be called source routing. My delimma is 
> that living in a remote town bandwidth costs are moderate to high. I 
> have a 6 meg bonded T-1 setup on a cisco 3640 router that we outgrew 
> quickly. A DS-3 connection where I live would of cost nearly 15K / month 
> because we live near no POP.So we put some fiber up, and needless to say 
> we have 10 / mbit with the capability to turn it up as needed at a much 
> cheaper cost. The problem is we are having to eat the monthly charges 
> for our current bandwith and would like to utilize it for CPE. Im pretty 
> sure with the research I have done that this is possible to put on our 
> current linux router, but  I must be  missing a key somewhere, and I 
> would like a fresh look on the problem.
> 
> Here is what I wish to do.
> 
> eth1 is connected to my 6mbit line thru the FE0/0 port on the 
> router.(192.168.200.2)
> eth2 is connected to the fiber transceiver to 10 mbit (192.168.252.2)
> eth0 is connected to my lan. (12.150.243.129)
> 
> I have route statements in the 3640 that route ALL traffic for the 
> public addresses thru a private subnet
> ip route 12.37.169.0 255.255.255.0 192.168.200.2
> ip route 12.150.225.0 255.255.255.0 192.168.200.2
> ip route 12.150.243.128 255.255.255.224 192.168.200.2
> ip route 12.150.243.160 255.255.255.240 192.168.200.2
> ip route 12.150.243.176 255.255.255.240 192.168.200.2
> ip route 12.150.243.192 255.255.255.192 192.168.200.2
> ip route 12.175.45.0 255.255.255.128 192.168.200.2
> 
> The linux box in turn hands it off to various other parts and routers
> 
> What I would like to do is throw the following 4 Class C addresses onto 
> eth2 and have them route according to what network.
> 70.158.60.0
> 70.158.61.0
> 70.158.62.0
> 70.158.63.0

let me have a shot

# setup the rules
ip ru add from 192.168.252.2 pref 200 table fibre
ip ru add from 192.168.200.2 pref 201 table router

# setup default route for each interface
ip ro add table fibre default via 192.168.252.1 dev eth2 src 192.168.252.2
ip ro add table router default via 192.168.200.1 dev eth1 src 192.168.200.2


# You still need to setup the normal table (main)


# setup routing back for each interface
ip ro add table fibre 12.150.243.0/24 dev eth0 scope local
ip ro add table router 12.150.243.0/24 dev eth0 scope local

# setup cross routing just in case
ip ro add table fibre 192.168.200.0/24 dev eth1 src 192.168.252.2
ip ro add table router 192.168.252.0/24 dev eth2 src 192.168.200.2


# no setup natting
iptables -t nat -I POSTROUTING -o eth1  -j SNAT --to-source 192.168.200.2
iptables -t nat -I POSTROUTING -o eth2  -j SNAT --to-source 192.168.252.2
iptables -t nat -I POSTROUTING -i eth0 -d 70.158.63.0/24 -j SNAT --to-source 192.168.252.2
iptables -t nat -I POSTROUTING -i eth0 -d 70.158.62.0/24 -j SNAT --to-source 192.168.252.2
iptables -t nat -I POSTROUTING -i eth0 -d 70.158.61.0/24 -j SNAT --to-source 192.168.252.2
iptables -t nat -I POSTROUTING -i eth0 -d 70.158.60.0/24 -j SNAT --to-source 192.168.252.2

iptables -I FORWARD -i eth0 -j ACCEPT


That should do it


might have missed something, but this is about the guts of mine

> For instance if I assign a CPE an Ip address in the 12.150 range, i wish 
> for all that traffic to route out eth1 to the wireline
> If I assign a CPE IP in the 70.158 ranges, I would like it to route out eth2
> 
> The router on the other side of the fiber net has the exact same routes 
> for the 70.158 ranges as the ones on my wireline with the exception
> they are routing to 192.168.252.2 instead of 192.168.200.2
> 
> Ive seen suggestions on marking packets, setting up 2 routing tables, 
> and others, but i have had limited success on getting this going.
> 
> Could anyone provide some thoughts or input or an example? It would be 
> greatly appreciated. If I havent been descriptive enough, will provide 
> more details
> 
> Thanks in advance
> 
> --Wayne
> 
> 

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]