From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Martin A. Brown"
Date: Thu, 10 Apr 2003 17:26:35 +0000
Subject: Re: [LARTC] 3 nic -s, 1 lan, 2 internet connections, ip based routing
Message-Id:
List-Id:
References:
In-Reply-To:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

 : I have problem to solve, redhat 6.3 based linux router, 3 network cards,
 : eth1, 192.168.10.1 connected to switch, eth0 213.180.9.x connected to
 : one adsl bridge and eth0 213.34.9.x connected to another adsl bridge.

Hm! Never heard of RH6.3 before. Probably the successor to RH9.

 : So one internal subnet, users from group one
 : (192.168.10.2, 192.168.10.3, 192.168.10.4, 192.168.10.5) are allowed use
 : eth0 and users from group two 192.168.10.10, 192.168.10.11,
 : 192.168.10.12, 192.168.10.13 are allowed to use eth2 for internet
 : connection, no load balancing etc is needed, the idea is just one router
 : for two separate companies. So i made iptables nat rules:

You need to take advantage of the RPDB. In particular, you may find this
documentation helpful:

  http://linux-ip.net/html/adv-multi-internet.html
  http://linux-ip.net/html/adv-multi-internet.html#adv-multi-internet-outbound

For some background on route selection:

  http://linux-ip.net/html/routing-selection.html
  http://linux-ip.net/html/routing-selection.html#routing-selection-adv

Note, that routing and iptables must be synchronized in order for you to
attain the desired result.

If your default route in table main is through 213.34.9.x, then here's a
teaser (you'll need to tweak it a bit to get things right):

  # echo 5 link213180 >> /etc/iproute2/rt_tables
  # ip rule add from 192.168.30.2 table link213180
  ...
  # ip rule add from 192.168.30.5 table link213180
  # ip route show table main \
  >   | while read ROUTE ; do
  >     ip route add table link213180 $ROUTE
  >   done
  # ip route change table link213180 default via 213.180.9.x

 : Then i found http://lartc.org/howto/lartc.rpdb.multiple-links.html but
 : seems this is not 100% what i need, as there is no internal network
 : interface included and routing is possible to network, not ip based.
 : Is it possible to get it work at all, and if so, then how?

Good luck,

-Martin

--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
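
The teaser in the reply above, worked through as an added example (not part of the original message): a dry-run generator that prints the per-host `ip rule` entries for group one and builds the second routing table from a copy of table main. The sample routing table, its prefixes and device names, and the helper names `gen_rules`, `gen_table` and `plan` are assumptions; the gateway addresses are the thread's own elided values, kept as placeholders.

```shell
#!/bin/sh
# Added example: prints the commands, applies nothing (no root needed).
# Table id 5 and name link213180 come from the reply; 213.180.9.x and
# 213.34.9.x are the thread's elided addresses, kept as placeholders.

# Constructed sample of `ip route show table main`; prefixes and device
# names are assumptions for illustration.
SAMPLE_MAIN='192.168.10.0/24 dev eth1 scope link
213.180.9.0/24 dev eth0 scope link
213.34.9.0/24 dev eth2 scope link
default via 213.34.9.x dev eth2'

# gen_rules TABLE IP...: one source-address rule per host in the group.
gen_rules() {
    table=$1; shift
    for ip in "$@"; do
        echo "ip rule add from $ip table $table"
    done
}

# gen_table TABLE GATEWAY: read main-table routes on stdin, copy every
# non-default route into TABLE, then give TABLE its own default route.
# (The reply copies everything and then changes the default; same result.)
gen_table() {
    table=$1; gw=$2
    while read -r route; do
        case $route in
            ''|default*) continue ;;
        esac
        echo "ip route add table $table $route"
    done
    echo "ip route add table $table default via $gw"
}

# plan: full command list for group one. Group two needs no rules: it
# falls through to table main, whose default is via 213.34.9.x.
plan() {
    echo "echo 5 link213180 >> /etc/iproute2/rt_tables"
    gen_rules link213180 192.168.10.2 192.168.10.3 192.168.10.4 192.168.10.5
    printf '%s\n' "$SAMPLE_MAIN" | gen_table link213180 213.180.9.x
}

plan
```

On a live router, feed `ip route show table main` into `gen_table` instead of the sample and review the printed commands before running them.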