Bert Hubert: > So what IP address do packets have that come from the firewall box? Oops, I didn't give enough information. The Linux box is not a router - it's a multi-homed server. The DHCP net has one of those retail router boxes that does DHCP, NAT, and is a gateway to one of the DSL networks. If I try to follow a policy route to either of the DSL interfaces from the Linux system itself, not _through_ it as a router. ip rule add from 216.15.108.186 table dnai-net ip rule add from 67.114.175.138 table sbc-net ip route add default via 216.15.108.186 dev eth0 table dnai-net ip route add default via 67.114.175.138 dev eth1 table sbc-net ping -I 67.114.175.138 www.gnu.org I get an IMAP "unreachable" message back from the interface. What I want is to be able to bind to the IP address of either of the DSL interfaces, and have the packets routed to that interface reliably. If there's a network partition effecting one DSL carrier and not the other, it should still be possible to reach the system and the return packets should be on the same network as the incoming ones. Load-balancing is secondary, but I have some ideas there. For example, why not have squid alternate addresses so that receive data is interleaved across the two DSL lines? Wouldn't that balance better than simply routing half of the internet through each interface? Thanks Bruce
