From: Jose Luis Domingo Lopez <lartc@24x7linux.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Iptables, SNAT/MASQ, Multiple gateways
Date: Mon, 30 Sep 2002 18:11:58 +0000 [thread overview]
Message-ID: <marc-lartc-103340960104047@msgid-missing> (raw)
In-Reply-To: <marc-lartc-103332395202631@msgid-missing>
On Sunday, 29 September 2002, at 22:18:30 -0700,
Don Cohen wrote:
> > ip route add default nexthop via $CONN1_IP dev $ETHX weight $X \
> > nexthop via $CONN2_IP dev $ETHX weight $Y
>
> Note that this only shapes outgoing traffic and also relies on your
> ISPs to NOT do the ingress filtering that they're really supposed to do.
>
Just a note. The above routing doesn't prevent you from applying
SNAT/MASQ to the outgoing traffic, at least not when you have an
ethernet card for each connection (not the case) and you can know
through each one the traffic will go out.
So adding another ethernet card and a couple of "iptables" rules can
avoid problems with ISPs filtering "alien" incoming traffic :)
--
Jose Luis Domingo Lopez
Linux Registered User #189436 Debian Linux Woody (Linux 2.4.19-pre6aa1)
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2002-09-30 18:11 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-09-29 18:24 [LARTC] Iptables, SNAT/MASQ, Multiple gateways Simon Matthews
2002-09-29 22:45 ` José Luis Domingo López
2002-09-30 5:18 ` Don Cohen
2002-09-30 7:06 ` Simon Matthews
2002-09-30 15:55 ` Don Cohen
2002-09-30 17:05 ` Michael T. Babcock
2002-09-30 18:11 ` Jose Luis Domingo Lopez [this message]
2002-09-30 19:23 ` Julian Anastasov
2002-09-30 19:24 ` Simon Matthews
2002-09-30 19:26 ` Simon Matthews
2002-09-30 19:41 ` Greg Scott
2002-10-01 4:12 ` William L. Thomson Jr.
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103340960104047@msgid-missing \
--to=lartc@24x7linux.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.