From mboxrd@z Thu Jan  1 00:00:00 1970
From: lartc@docawk.org
Date: Tue, 28 Jan 2003 17:19:16 +0000
Subject: [LARTC] Double gateway - aliased ip routing
Message-Id: <marc-lartc-104377445704545@msgid-missing>
List-Id: <lartc.vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Hi,
I've get a local network with several workstations attached through a
firewall to the internet by two types of connections: one is called
ADSL, which is cheaper, but with lower bandwidth. the other called T3,
faster but more expensive. 
I want to enable each workstation from the localnet to choose it's
connection by setting it's default gateway to one of the firewall's ip
on eth0: 192.168.10.8 for ADSL and 192.168.10.9 for T3. additional each
workstation regardless its gateway ip should be able to access the dmz.
the topology of the net would be something like this:

                       INTERNET
         ===================               |                       |
               |                       |
             DynIP                212.x.x.195
         /------------\        /---------------\
         | DSL-ROUTER |        |   T3-ROUTER   |
         \------------/        \---------------/
          192.168.11.1             62.x.x.89
         192.168.11.0/24          62.x.x.88/29
               |                       |
               |                       |
          192.168.11.8             62.x.x7.90
         192.168.11.0/24          62.x.x.88/29
             eth3                    eth1   w/ ProxyARP
                   /---------------\     
                   |   FIREWALL    |        
                   \---------------/ 
      eth0:1         eth0             eth2  w/ ProxyARP
  192.168.10.8   192.168.10.9      62.x.x.90  
        192.168.10.0/24           62.x.x.88/29
               |                                 \
               |                                  \
  ==============                    eth0  
           LOCALNET                            62.x.x.93  
                                              62.x.x.88/29
                                                /-----\
                                                | DMZ |
                                                \-----/

My problem is how to route the packages from the localnet to either ADSL
or T3, depending on wether they were received by the ip 192.168.10.8 or
192.168.10.9.
I tried to mark the packages in the postrouting chain of iptables and
send them to different routing tables. but iptables can't handle aliased
interfaces like eth0:1 as source devices. 
Next step was to set up routing depending on incoming interfaces, but
there was no effect in the actual routing.

my current configurations are:

# ip rule ls
0:      from all lookup local 
32765:  from all iif eth0:1 lookup ADSL 
32766:  from all lookup main 
32767:  from all lookup default 

# ip route show
62.x.x.89 dev eth1  scope link 
62.x.x.88/29 dev eth2  scope link 
192.168.11.0/24 dev eth3  proto kernel  scope link  src 192.168.11.8 
192.168.10.0/24 dev eth0  proto kernel  scope link  src 192.168.10.9 
default via 62.x.x.89 dev eth1 

# ip route show table ADSL
62.153.117.88/29 dev eth2  scope link 
default via 192.168.11.92 dev eth3 

Has anyone ideas of solving the problem?
Thanks,

oli
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/