Re: [LARTC] multiple gateway problem

Linux Advanced Routing and Traffic Control


I think the second address on the inner-most machine would be
necessary.  The inner machine could even have two private addresses and
have your two routers do NAT.  Then set up multiple routing tables with
different default gateways (one 10.4.44.1, the other 10.4.44.2) and policy
routing rules on your inner machine.  Then outgoing traffic can be sent
through either internet connection.

Ex.

ip rule add from 10.4.44.11 table 100
ip route add default table 100 via 10.4.44.1

ip rule add from 10.4.44.12 table 101
ip route add default table 101 via 10.4.44.2

It also helps sometimes to add the contents of your main routing table to
any others you set up that have default routes since nothing will get past
the default route in that table.

-Kristian


On Tue, 4 Dec 2001, Whit Blauvelt wrote:

> Ross,
> 
> The diagram really helps. My guess is what you need to do is put a second
> address on eth0, and then differentiate your packets according to which
> address they have arrived at on the Linux box - for example, 10.4.44.11 or
> 10.4.44.12.
> 
> And yeah, there should be a way to do it by MAC address, but this should be
> simpler.
> 
> Whit
> 
> On Tue, Dec 04, 2001 at 02:11:37PM -0800, Ross Simpson wrote:
> > First off, here's a diagram:
> > 
> > 
> >                I N T E R N E T
> >                /              \
> >    -------------             -------------
> >    | 10.4.44.1 |             | 10.4.44.2 |
> >    |  lucent   |             |   speed   |
> >    -------------             -------------
> >     port-fw 80                 port-fw 80
> >               \               /
> >                \             /
> >                 \           /
> >                  -----------
> >                  |   hub   |
> >                  -----------
> >                       |
> >                       |
> >                       |
> >                       |
> >                      eth0
> >                 --------------
> >                 | 10.4.44.11 |
> >                 |   linux    |
> >                 --------------
> > 
> > I have a default gateway as specified in /etc/sysconfig/network:
> > 	GATEWAYDEV=eth0
> > 	GATEWAY=10.4.44.1
> > 
> > I ran the below commands to use multiple default gateways.
> > 
> > So here's what I would _like_ to see:
> > 	Traffic coming to the box from the internal network uses the default route
> > from /etc/sysconfig/network.
> > 	Traffic coming from the internet (from the 10.4.44.1 router, then
> > port-forwarded 10.4.44.11) should use 10.4.44.1 as the gateway to return the
> > packets to the client.
> > 	10.4.44.2 should work identically to 10.4.44.1.
> > 
> > Right now, traffic coming from the system default gateway works great.
> > Traffic coming from 10.4.44.2 gets to the system, however I would guess that
> > it's being sent back to 10.4.44.1 as it is the default gateway.
> > 
> > As I'm watching a tcpdump, I see that packets are coming in with their
> > original (external) IP addresses, instead of the address of the router (I
> > was thinking that port forwarding temporarily changed the source IP of the
> > packet; apparently not).  So the setup is not working because external IPs
> > don't match 10.4.44.1 or 10.4.44.2, and the system's default gateway is
> > used.
> > 
> > So, I guess my question becomes: is there any way for linux to tell which
> > router the packet came from?  Could it tell maybe by mac address?
> > 
> > Thanks for the help!
> > Ross
> 
> 
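
The two-table setup from the reply above, combined with its advice to copy the main table into each extra table, as an added example that is not part of the original thread. It only prints the commands; the sample main table with its /24 prefix is a constructed assumption, and gen_table and gen_all are hypothetical helper names.

```shell
#!/bin/sh
# Added example: print the policy-routing commands for each source address.
# Dry run only: nothing is executed. Review the output, then run it as root.

# Constructed sample of `ip route show table main` on the inner machine.
# The /24 prefix length is an assumption; the thread does not state it.
SAMPLE_MAIN='10.4.44.0/24 dev eth0 proto kernel scope link src 10.4.44.11
default via 10.4.44.1 dev eth0'

# gen_table SRC GATEWAY TABLE
# Reads main-table routes on stdin and prints commands that:
#   1. copy every non-default route into TABLE, so on-link destinations
#      are matched before TABLE's default route catches everything,
#   2. add TABLE's own default route via GATEWAY,
#   3. add the rule selecting TABLE for packets sourced from SRC.
gen_table() {
    src=$1
    gw=$2
    table=$3
    while IFS= read -r route; do
        case $route in
            ''|default*) continue ;;   # skip blank lines and main's default
        esac
        printf 'ip route add %s table %s\n' "$route" "$table"
    done
    printf 'ip route add default via %s table %s\n' "$gw" "$table"
    printf 'ip rule add from %s table %s\n' "$src" "$table"
}

# Both tables from the message, built from the constructed sample.
# On a live host, replace the sample with: ip route show table main
gen_all() {
    printf '%s\n' "$SAMPLE_MAIN" | gen_table 10.4.44.11 10.4.44.1 100
    printf '%s\n' "$SAMPLE_MAIN" | gen_table 10.4.44.12 10.4.44.2 101
}

gen_all
```

After applying the printed commands, `ip rule show` and `ip route show table 101` confirm that replies sourced from 10.4.44.12 leave via 10.4.44.2.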



