Re: [LARTC] Advanced routing question.

Linux Advanced Routing and Traffic Control

On Mon, 15 Jan 2001, Daniel Jay wrote:

[snip]

> Ethernet Internet Connection 207.152.31.185/24 gw 207.152.31.1 (T1
> connection)
> DSL Ethernet Connection 216.254.12.42/24 gw 216.254.12.42 (256k SDSL)
> LAN Ethernet Connection 192.168.181.254/24 (NAT'd)

[snip]

> Now I have some basic port translation going on to get the webservers
> alias'd to the internet connections and such but nothing overly fancy. Keep
> in mind that I can _not_ use any routing protocols via either of these
> connections.  Here is what I need to do:
> 
> 1> 	Setup traffic shaping to allow the windows clients behind the NAT to
> browse the internet using both internet connections.  An important part of
> this is that incoming traffic _must_ be answered through the NAT via the
> same ip address that it came in on.  (NOTE: This is the major problem with
> Vicomsoft Internet Gateway software as it will just pick either of the 2
> internet connections to reply on, and therefore a number of things - most
> importantly games that use UDP packets - stop working correctly or have a
> huge amount of packet loss due to packets being answered with a different
> source ip than the host connected on).
> 
> 2>	Setup a fail over method so that if either internet connection were
> to fail it would start routing all outbound traffic over that link.
> 
> 3>	Allow simple port translation so that I can alias 207.152.31.185
> port 22 to 192.168.181.251 port 22.
> 
> So the question is can Linux using Advanced routing be used to solve these
> problems?  If so could you please point me to an example setup?  If not do
> you know of _any_ possible solution to get this setup working?  Again, I'm
> sorry if I've missed this reading the HOWTO please point me in the right
> direction.

Yes. Linux using Advanced Routing can be used to solve these problems, but
for problem 2: at the IP level there is no way to figure out whether or not a
link is down. Of course, you can approximate problem 2, but you have no
guarantees that the problem lies with the link and not with the servers you
test your connectivity against, or the infrastructure to those servers
beyond your direct link.

There have been some postings on the mailing list on exactly the kind of
setup you want. Look into the threads 'Can't use two links on a linux box'
and 'Can't use two links on a linux box - correction/addition' in the 
archives at http://mailman.ds9a.nl/pipermail/lartc/2000q4/thread.html

Doei, Arthur. (Maybe I should 'steal' some of my boss' time to write this
               stuff up for the HOWTO...)

-- 
  /\    / |      arthurvl@xxxxxxxxxx      | Work like you don't need the money
 /__\  /  | A friend is someone with whom | Love like you have never been hurt
/    \/__ | you can dare to be yourself   | Dance like there's nobody watching
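
The caveat about problem 2, worked out as an added example that is not part of the thread or the HOWTO: a link is treated as down only when every one of several independent probe targets fails, so one unreachable server does not trigger failover. Interface names, the probe targets and the DSL gateway placeholder are assumptions, and the sketch assumes source-based rules already send packets from each address out its own link.

```shell
#!/bin/sh
# Added example, not code from the thread. T1 values come from the post;
# the DSL gateway is a placeholder to fill in; interface names are assumed.
T1_IP=207.152.31.185; T1_GW=207.152.31.1;        T1_IF=eth0
DSL_IP=216.254.12.42; DSL_GW=DSL_GW_PLACEHOLDER; DSL_IF=eth1

# One probe: a single echo request sent from the link's own address
# (Linux iputils ping; -I sets the source address, -W the timeout in seconds).
probe() { ping -c 1 -W 2 -I "$1" "$2" >/dev/null 2>&1; }

# link_up SRC TARGET...: succeed as soon as any target answers. The link is
# reported down only if all targets fail, which narrows (but cannot remove)
# the ambiguity between "link dead" and "test server dead".
link_up() {
    src=$1; shift
    for target in "$@"; do
        probe "$src" "$target" && return 0
    done
    return 1
}

state() { if link_up "$@"; then echo up; else echo down; fi; }

# default_cmd T1_STATE DSL_STATE: print (not run) the main-table default
# route for that combination. Equal multipath weights are an assumption.
default_cmd() {
    case "$1/$2" in
        up/up)   echo "ip route replace default nexthop via $T1_GW dev $T1_IF weight 1 nexthop via $DSL_GW dev $DSL_IF weight 1" ;;
        up/down) echo "ip route replace default via $T1_GW dev $T1_IF" ;;
        down/up) echo "ip route replace default via $DSL_GW dev $DSL_IF" ;;
        *)       return 1 ;;   # both look down: leave the routes untouched
    esac
}

# plan "T1 targets" "DSL targets": each argument is a space-separated list,
# split on purpose so every target becomes its own probe.
plan() {
    default_cmd "$(state "$T1_IP" $1)" "$(state "$DSL_IP" $2)"
}
```

Run `plan` from cron or a loop with targets in different networks per link and pipe its output to `sh` once the printed command looks right.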



