From: lartc@docawk.org
To: lartc@vger.kernel.org
Subject: [LARTC] Double gateway - aliased ip routing
Date: Tue, 28 Jan 2003 17:19:16 +0000 [thread overview]
Message-ID: <marc-lartc-104377445704545@msgid-missing> (raw)
Hi,
I've get a local network with several workstations attached through a
firewall to the internet by two types of connections: one is called
ADSL, which is cheaper, but with lower bandwidth. the other called T3,
faster but more expensive.
I want to enable each workstation from the localnet to choose it's
connection by setting it's default gateway to one of the firewall's ip
on eth0: 192.168.10.8 for ADSL and 192.168.10.9 for T3. additional each
workstation regardless its gateway ip should be able to access the dmz.
the topology of the net would be something like this:
INTERNET
=================== | |
| |
DynIP 212.x.x.195
/------------\ /---------------\
| DSL-ROUTER | | T3-ROUTER |
\------------/ \---------------/
192.168.11.1 62.x.x.89
192.168.11.0/24 62.x.x.88/29
| |
| |
192.168.11.8 62.x.x7.90
192.168.11.0/24 62.x.x.88/29
eth3 eth1 w/ ProxyARP
/---------------\
| FIREWALL |
\---------------/
eth0:1 eth0 eth2 w/ ProxyARP
192.168.10.8 192.168.10.9 62.x.x.90
192.168.10.0/24 62.x.x.88/29
| \
| \
============== eth0
LOCALNET 62.x.x.93
62.x.x.88/29
/-----\
| DMZ |
\-----/
My problem is how to route the packages from the localnet to either ADSL
or T3, depending on wether they were received by the ip 192.168.10.8 or
192.168.10.9.
I tried to mark the packages in the postrouting chain of iptables and
send them to different routing tables. but iptables can't handle aliased
interfaces like eth0:1 as source devices.
Next step was to set up routing depending on incoming interfaces, but
there was no effect in the actual routing.
my current configurations are:
# ip rule ls
0: from all lookup local
32765: from all iif eth0:1 lookup ADSL
32766: from all lookup main
32767: from all lookup default
# ip route show
62.x.x.89 dev eth1 scope link
62.x.x.88/29 dev eth2 scope link
192.168.11.0/24 dev eth3 proto kernel scope link src 192.168.11.8
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.9
default via 62.x.x.89 dev eth1
# ip route show table ADSL
62.153.117.88/29 dev eth2 scope link
default via 192.168.11.92 dev eth3
Has anyone ideas of solving the problem?
Thanks,
oli
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next reply other threads:[~2003-01-28 17:19 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-01-28 17:19 lartc [this message]
2003-01-28 19:12 ` [LARTC] Double gateway - aliased ip routing Martin A. Brown
2003-01-28 20:38 ` Oliver Geisler
2003-01-29 4:58 ` Martin A. Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-104377445704545@msgid-missing \
--to=lartc@docawk.org \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.