On Tue, Dec 18, 2001 at 12:28:58AM -0200, Roberto Campos wrote: > We've managed to play with two default gateways equal cost and it works, > the problems are that we have two diferent ISPs to work with and the box > send the packets without a simple logic, we just need that packets comming > from eth0 to go back through eth0. If we ping the firewall from ISP1 > sometimes it sends back the ICMP packet with the ip from the other > interface and it's not allowed from ISP1 ou 2. That way it don't get past > their firewalls. Use policy routing to force answers to go to the right link. This works for our setup, which looks quite like yours. > If i can set this up to work telling linux to send back using eth0 the > packets that comes from eth0 with the ip of eth0 or the internal ip that > was used to forward in, i'll be happy. It works by using the source address to determine a gateway. Something like this: ip rule add from 1.2.3.4 table 200 ip rule add from 2.2.3.4 table 300 ip route add default via 1.2.3.1 table 200 ip route add default via 2.2.3.1 table 300 (more or less). Regards, bert hubert -- http://www.PowerDNS.com Versatile DNS Software & Services http://www.tk the dot in .tk Netherlabs BV / Rent-a-Nerd.nl - Nerd Available - Linux Advanced Routing & Traffic Control: http://ds9a.nl/lartc
