WAN balancing

WAN balancing

[Dimitri Yioulos]

Good morning, all.

I've searched for a clear guide on setting up my 
iptables/Netfilter firewall/router to do WAN 
balancing.  I have two providers - one is T1 and 
the other broadband).  Currently, I'm using the 
T1 provider to send and receive traffic on.  I'd 
like to use both.

I have one LAN interface, one WAN interface, and 
one DMZ interface.  The DMZ utilizes several 
virtual interfaces.  I can easily add a fourth 
physical NIC.  Beyond this, I'm not sure what 
other information I can provide, but I'm happy to 
do so.

Your help would be greatly appreciated.

Dimitri

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Re: WAN balancing

[Matty Sarro]

http://lartc.org/howto/lartc.rpdb.multiple-links.html

That should help.

On Thu, May 5, 2011 at 9:01 AM, Dimitri Yioulos <dyioulos@firstbhph.com> wrote:
> Good morning, all.
>
> I've searched for a clear guide on setting up my
> iptables/Netfilter firewall/router to do WAN
> balancing.  I have two providers - one is T1 and
> the other broadband).  Currently, I'm using the
> T1 provider to send and receive traffic on.  I'd
> like to use both.
>
> I have one LAN interface, one WAN interface, and
> one DMZ interface.  The DMZ utilizes several
> virtual interfaces.  I can easily add a fourth
> physical NIC.  Beyond this, I'm not sure what
> other information I can provide, but I'm happy to
> do so.
>
> Your help would be greatly appreciated.
>
> Dimitri
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

Re: WAN balancing

[Usuário do Sistema]

I didn't understand exactly where you want apply your load Balance but
follow the command that does the load balance.
you must have two route in your route table:

ip route add default scope global equalize nexthop via 200.247.209.65
weight 1  nexthop via 200.247.209.6 weight 1

before you insert the load balance command check your table route with
" ip route show "

you will see there is only one default route.

insert load balance command and check again your table route with " ip
route show "

and must appear two default gateway.

ip route add default scope global equalize nexthop via 200.247.209.65
weight 2  nexthop via 200.247.209.6 weight 1



I hope help!







2011/5/5 Matty Sarro <msarro@gmail.com>:
> http://lartc.org/howto/lartc.rpdb.multiple-links.html
>
> That should help.
>
> On Thu, May 5, 2011 at 9:01 AM, Dimitri Yioulos <dyioulos@firstbhph.com> wrote:
>> Good morning, all.
>>
>> I've searched for a clear guide on setting up my
>> iptables/Netfilter firewall/router to do WAN
>> balancing.  I have two providers - one is T1 and
>> the other broadband).  Currently, I'm using the
>> T1 provider to send and receive traffic on.  I'd
>> like to use both.
>>
>> I have one LAN interface, one WAN interface, and
>> one DMZ interface.  The DMZ utilizes several
>> virtual interfaces.  I can easily add a fourth
>> physical NIC.  Beyond this, I'm not sure what
>> other information I can provide, but I'm happy to
>> do so.
>>
>> Your help would be greatly appreciated.
>>
>> Dimitri
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe netfilter" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

Re: WAN balancing

[Dimitri Yioulos]

If I may, the how-to you've pointed out has to do 
with routing which, of course, is important.  Are 
there any changes/additions I need to make to my 
iptables ruleset, as well?

Best,

Dimitri


On Thursday 05 May 2011 9:34:46 am Matty Sarro 
wrote:
> http://lartc.org/howto/lartc.rpdb.multiple-link
>s.html
>
> That should help.
>
> On Thu, May 5, 2011 at 9:01 AM, Dimitri Yioulos 
<dyioulos@firstbhph.com> wrote:
> > Good morning, all.
> >
> > I've searched for a clear guide on setting up
> > my iptables/Netfilter firewall/router to do
> > WAN balancing.  I have two providers - one is
> > T1 and the other broadband).  Currently, I'm
> > using the T1 provider to send and receive
> > traffic on.  I'd like to use both.
> >
> > I have one LAN interface, one WAN interface,
> > and one DMZ interface.  The DMZ utilizes
> > several virtual interfaces.  I can easily add
> > a fourth physical NIC.  Beyond this, I'm not
> > sure what other information I can provide,
> > but I'm happy to do so.
> >
> > Your help would be greatly appreciated.
> >
> > Dimitri
> >
> > --
> > This message has been scanned for viruses and
> > dangerous content by MailScanner, and is
> > believed to be clean.
> >
> > --
> > To unsubscribe from this list: send the line
> > "unsubscribe netfilter" in the body of a
> > message to majordomo@vger.kernel.org More
> > majordomo info at
> >  http://vger.kernel.org/majordomo-info.html



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Re: WAN balancing

[Usuário do Sistema]

you have add rules NAT POSTROUTING for each link.

for exemplo, for your out Internet Traffic you have add two NAT
POSTROUTING each one on Interface WAN.







2011/5/5 Dimitri Yioulos <dyioulos@firstbhph.com>:
> If I may, the how-to you've pointed out has to do
> with routing which, of course, is important.  Are
> there any changes/additions I need to make to my
> iptables ruleset, as well?
>
> Best,
>
> Dimitri
>
>
> On Thursday 05 May 2011 9:34:46 am Matty Sarro
> wrote:
>> http://lartc.org/howto/lartc.rpdb.multiple-link
>>s.html
>>
>> That should help.
>>
>> On Thu, May 5, 2011 at 9:01 AM, Dimitri Yioulos
> <dyioulos@firstbhph.com> wrote:
>> > Good morning, all.
>> >
>> > I've searched for a clear guide on setting up
>> > my iptables/Netfilter firewall/router to do
>> > WAN balancing.  I have two providers - one is
>> > T1 and the other broadband).  Currently, I'm
>> > using the T1 provider to send and receive
>> > traffic on.  I'd like to use both.
>> >
>> > I have one LAN interface, one WAN interface,
>> > and one DMZ interface.  The DMZ utilizes
>> > several virtual interfaces.  I can easily add
>> > a fourth physical NIC.  Beyond this, I'm not
>> > sure what other information I can provide,
>> > but I'm happy to do so.
>> >
>> > Your help would be greatly appreciated.
>> >
>> > Dimitri
>> >
>> > --
>> > This message has been scanned for viruses and
>> > dangerous content by MailScanner, and is
>> > believed to be clean.
>> >
>> > --
>> > To unsubscribe from this list: send the line
>> > "unsubscribe netfilter" in the body of a
>> > message to majordomo@vger.kernel.org More
>> > majordomo info at
>> >  http://vger.kernel.org/majordomo-info.html
>
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>