[ILUG] Routing.
Mark Kilmartin
mrk at renre-europe.com
Tue Jan 15 15:11:10 GMT 2002
First some background.
I'm using a Linux box as an Internet router.
It is running debian, kernel 2.4.17, and iptables.
I have used fwbuilder to build the rules and everything seems to be
working except for the small problem I'll list below.
Please forgive the bad ASCII art.
 Internet          Internet
    |                 |
    |                 |
    |                 |
ISP1 Router      ISP2 router
      \             /
       \           /
        \         /
         \       /
          \     /
           Linux
          Firewall/
           Router
             |
             |
             |
             |
           Server
OK, what I have tried to show above is the following: two separate
Internet connections through two different ISPs.
A Linux Router / Firewall
And an Internal server. (In this case running windoze)
ISP1 has a range of IPs a.b.c.x
ISP2 has a range of IPs d.e.f.x
I would like the server to be accessed through a.b.c.1
This part I have working using simple NAT.
The problem: I would also like to access the server through d.e.f.1
I can access the server through one or the other but not if I have both
connections set up at once.
The Firewall is set to use ISP as its default route as I want all
outgoing traffic (Web, FTP, etc) to go over that connection which is
faster.
When I'm set up like this I can access the server through d.e.f.1
But not through a.b.c.1
I believe that this is down to asymmetric routes.
i.e. traffic goes to one address but seems to return from another
address.
The only option which I can find in fwbuilder which may help with this
is Accept source route.
Can anybody explain what this option is and if it might help me.
Or can anybody suggest another solution.
Mark