Hey, I'm trying to set up a Gentoo box to replace an aging BSD box here.
The BSD box is running packet filter and I have it set up to take all
data and route it to one of six satellites. I have come up with the
following config, but unfortunately I have no real way to test it short
of switching the satellites over to the new system and prayer.
The setup is:
192.168.252/22 - The LAN addresses, all run by DHCP on the Cisco BBSM
which is behind the load balancer. Cannot change these.
10.10.1.1 - The Internal Interface, Gentoo box's IP to the BBSM. I can
change this if needed.
10.10.1.2 - The BBSM's address to reply with (I cannot change this
address, I tried but the BBSM hates me, and I have the BSD working on
this by just NATing and then forwarding all traffic through the
10.10.1.2 gateway)
10.254.X.1 - Gentoo's ethX IPs to interface to the satellite modems. I
can change these as needed.
10.254.X.10 - The satellite modems' IP addresses. I cannot change these.
That's the setup. Like I said, the BSD box runs it fine but I am having
administrative issues, and the new box has more stuff available as well
as being faster. I have 289 users as of now with more to come, so the
BSD setup is sweating a bit, and I want to run Squid on this load
balanced net, and an internal Web server on a different interface when I
get some free time. I've gotten a lot of help on this from Chris Verges,
and using his info I put this together and wanted to see if anyone had
any changes I should make before I basically go live to run the test.
One thing I have not added yet is the interfacing to eth0 (Internal
addressing) which I am unsure how to code exactly. Thanks for any help
anyone can give.
SCRIPT FOLLOWS:
#!/bin/sh
#Define my vars
#Interfaces
IF0=eth0
IF1=eth1
IF2=eth2
IF3=eth3
IF4=eth4
IF5=eth5
IF6=eth6
#IP Addresses bound to interfaces
IP0=10.10.1.1 #Internal Interface Address
IP1=10.254.7.1 #Satellite 1 Interface
IP2=10.254.9.1 #Satellite 2 Interface
IP3=10.254.10.1 #Satellite 3 Interface
IP4=10.254.16.1 #Satellite 4 Interface
IP5=10.254.17.1 #Satellite 5 Interface
IP6=10.254.18.1 #Satellite 6 Interface
#IP Addresses of Gateways
P0=10.10.1.2 #BBSM IP Address
P1=10.254.7.10 #Satellite 1 Router/Modem IP (Gateway)
P2=10.254.9.10 #Satellite 2 Router/Modem IP (Gateway)
P3=10.254.10.10 #Satellite 3 Router/Modem IP (Gateway)
P4=10.254.16.10 #Satellite 4 Router/Modem IP (Gateway)
P5=10.254.17.10 #Satellite 5 Router/Modem IP (Gateway)
P6=10.254.18.10 #Satellite 6 Router/Modem IP (Gateway)
#Networks
P0_NET="10.10.1.0/24" # BBSM Net
P1_NET=10.254.7.0/24 #Satellite 1 Network
P2_NET=10.254.9.0/24 #Satellite 2 Network
P3_NET=10.254.10.0/24 #Satellite 3 Network
P4_NET=10.254.16.0/24 #Satellite 4 Network
P5_NET=10.254.17.0/24 #Satellite 5 Network
P6_NET=10.254.18.0/24 #Satellite 6 Network
#Perform Network Address Translation for this network
NAT_NET=192.168.252/22
#Add the routes (table names T1..T6 must be listed in /etc/iproute2/rt_tables)
ip route add $P1_NET dev $IF1 src $IP1 table T1
ip route add default via $P1 table T1
ip route add $P2_NET dev $IF2 src $IP2 table T2
ip route add default via $P2 table T2
ip route add $P3_NET dev $IF3 src $IP3 table T3
ip route add default via $P3 table T3
ip route add $P4_NET dev $IF4 src $IP4 table T4
ip route add default via $P4 table T4
ip route add $P5_NET dev $IF5 src $IP5 table T5
ip route add default via $P5 table T5
ip route add $P6_NET dev $IF6 src $IP6 table T6
ip route add default via $P6 table T6
#Assign nets to correct IFs
ip route add $P1_NET dev $IF1 src $IP1
ip route add $P2_NET dev $IF2 src $IP2
ip route add $P3_NET dev $IF3 src $IP3
ip route add $P4_NET dev $IF4 src $IP4
ip route add $P5_NET dev $IF5 src $IP5
ip route add $P6_NET dev $IF6 src $IP6
#Default gateway if I go wiggy
#(higher metric so it does not collide with the multipath default added below)
ip route add default via $P1 metric 10
#Assign tables to IPs
ip rule add from $IP1 table T1
ip rule add from $IP2 table T2
ip rule add from $IP3 table T3
ip rule add from $IP4 table T4
ip rule add from $IP5 table T5
ip rule add from $IP6 table T6
#Load Balance
ip route add default scope global \
nexthop via $P1 dev $IF1 weight 1 \
nexthop via $P2 dev $IF2 weight 1 \
nexthop via $P3 dev $IF3 weight 1 \
nexthop via $P4 dev $IF4 weight 1 \
nexthop via $P5 dev $IF5 weight 1 \
nexthop via $P6 dev $IF6 weight 1
#Setup NAT on all external interfaces
ip route add nat $IP1 via $NAT_NET
ip rule add nat $IP1 from $NAT_NET
ip route add nat $IP2 via $NAT_NET
ip rule add nat $IP2 from $NAT_NET
ip route add nat $IP3 via $NAT_NET
ip rule add nat $IP3 from $NAT_NET
ip route add nat $IP4 via $NAT_NET
ip rule add nat $IP4 from $NAT_NET
ip route add nat $IP5 via $NAT_NET
ip rule add nat $IP5 from $NAT_NET
ip route add nat $IP6 via $NAT_NET
ip rule add nat $IP6 from $NAT_NET
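
An added example, not part of the original post: the per-uplink routes, rules and the multipath default generated from one table, with a consistency check and a dry run so the commands can be read before anything is applied. The UPLINKS table format and the RUN switch are assumptions made for this example; the addresses are the ones listed in the post.

```shell
#!/bin/sh
# Added example, not part of the original post.
# RUN is a hypothetical switch: unset -> "echo" (dry run), RUN= -> execute.
RUN=${RUN-echo}

# index:interface:local IP:gateway (addresses as listed in the post)
UPLINKS="1:eth1:10.254.7.1:10.254.7.10
2:eth2:10.254.9.1:10.254.9.10
3:eth3:10.254.10.1:10.254.10.10
4:eth4:10.254.16.1:10.254.16.10
5:eth5:10.254.17.1:10.254.17.10
6:eth6:10.254.18.1:10.254.18.10"

# Fail if an index or interface is reused, or if a local IP and its
# gateway are not in the same /24.
check_uplinks() {
    dup=$(echo "$UPLINKS" | awk -F: '{ print $1; print $2 }' | sort | uniq -d)
    [ -z "$dup" ] || { echo "reused: $dup" >&2; return 1; }
    echo "$UPLINKS" | while IFS=: read -r n dev ip gw; do
        [ "${ip%.*}" = "${gw%.*}" ] || { echo "T$n: $ip vs $gw" >&2; exit 1; }
    done
}

# Per-uplink table, main-table network route and source rule.
uplink_cmds() {
    echo "$UPLINKS" | while IFS=: read -r n dev ip gw; do
        net="${gw%.*}.0/24"
        $RUN ip route add "$net" dev "$dev" src "$ip" table "T$n"
        $RUN ip route add default via "$gw" table "T$n"
        $RUN ip route add "$net" dev "$dev" src "$ip"
        $RUN ip rule add from "$ip" table "T$n"
    done
}

# One multipath default route with an equal-weight nexthop per uplink.
multipath_cmd() {
    hops=$(echo "$UPLINKS" | while IFS=: read -r n dev ip gw; do
        printf ' nexthop via %s dev %s weight 1' "$gw" "$dev"
    done)
    $RUN ip route add default scope global $hops
}

check_uplinks && uplink_cmds && multipath_cmd
```

Run as-is it only prints the commands; a reused interface or table index, or a gateway outside its interface's /24, stops it before any command is emitted.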