Brillient, cheers for that, appears to be approching 5.30 so I'll have to read through it tomorrow morning. First glance it appears its exactly want I need to impliment. I've learnt so much today with all this its untrue. Thanks to all whos helped. -----Original Message----- From: lartc-admin@xxxxxxxxxxxxxxx [mailto:lartc-admin@xxxxxxxxxxxxxxx] On Behalf Of James Sneeringer Sent: 06 July 2004 16:53 To: lartc@xxxxxxxxxxxxxxx Subject: Re: FW: Static ip addresses/aliases previously (my mistake) htb: class 10007 isn't work conserving ?! [Sorry if this is received twice. Sent it with the wrong address once, not sure if the moderator will approve it.] On Tue, Jul 06, 2004 at 08:22:42AM +0100, Chris Bolton wrote: > Ok I'm not the best at ASCII diagrams but here goes anyway... (well > I'll modify the one in the advanced routing howto) Does this look right? Forget eth0 on Linux for a moment. ---------- ---------- | | eth1 217.x.196.217/29 --- 217.x.196.222/29 | EN5861 | ___ DSL ___ | | eth2 217.x.196.218/29 --------------- eth0 | router | #1 | Linux | ---------- | router | -------------- | | ppp0 217.x.230.198/29 ---------------- | Speedtouch | ___ DSL ___ | | ppp0:0 217.x.230.193/29 -----' | DSL bridge | #2 ---------- -------------- > As you can see the linux router has 3 network adapters, eth0 being the > local lan and eth1 & eth2 are both connected to the EN5861 router. > I've done that because I couldn't work out any other way to use the > static IP address that out ISP have given us. For each connection > we've got 5 IP addresses plus one for for the router. Eth1 & eth2 > work fine ie both have the correct static IP address given to us by > our ISP but it seems impraticle putting in another 3 cards to make use > of the other IP addresses we have, there must be another way. Ok, so the Speedtouch is some sort of DSL bridge, right? Meaning when you establish PPP (PPPoE?) to your ISP, you really have another ethernet card (eth3?) connected to the Speedtouch? First, as someone else pointed out, the eth1/eth2 connections to the EN5861 are redundant. You can set up interface aliases on eth1 so it has both IP addresses. % ip addr add 217.x.196.217/29 brd 217.x.196.223 dev eth1 % ip addr add 217.x.196.218/29 brd 217.x.196.223 dev eth1 label eth1:0 PPP is set up similarly. (PPPoE might configure ppp0 for you.) % ip addr add 217.x.230.198/29 brd 217.x.230.199 dev ppp0 % ip addr add 217.x.230.193/29 brd 217.x.230.199 dev ppp0 label ppp0:0 You can continue to add as many aliases to either interface as you like. Your problem then becomes load-balancing outbound traffic, because you have two potential default routes. One is the PPPoE connection via the Speedtouch (the remote IP is probably the DSL concentrator at your ISP). The other is the EN5861 on 217.x.196.222/29 (which in turn is probably talking to the same DSL concentrator as the Speedtouch). The simplest approach (aside from defaulting everything out one interface, which you probably don't want) is to policy route based on source IP. If the source IP of a packet as it leaves the Linux router is 217.x.196.x/29, the packet should get routed via eth1 to the EN5861. If the source is 217.x.230.x/29, it should be routed via ppp0 to the Speedpath. There are examples of this in the LARTC HOWTO. How you want to set up your NAT for eth0 to take advantage of one connection or the other is up to you. -James _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
