Re: firewall problem

Linux Advanced Routing and Traffic Control

On Tue, 2006-03-14 at 16:11 +0200, Erez D wrote:
>
> > > I do not use MASQ, as this did not function well before, and the FAQ
> > > said to prefer SNAT
> >
> > Would you point me to this FAQ?
> > AFAIK SNAT is to be used on fixed IPs and MASQUERADE on dynamic (like ppp's) IPs.
> > I would like to know if my knowledge is wrong.
> 
> I read this FAQ a long time ago so I cannot supply a link.
> All my IPs are static (internal and external).

Same difference either way with masquerade. I use both, but typically
masquerade for dynamic stuff, so I do not have to deal with finding out
the IP, modifying rules, etc. If you find the link etc. on using SNAT
instead of masquerade, I would like to research it.

> > And also, outgoing via two routers is a tricky thing to put to work.
> > There are some docs around about this subject.

Not too bad. I did it in the past with 2 SDSL routers, load balanced,
redundant. I am doing it again now but with no load balancing, just two ISPs
and multiple LANs. Still got some weird ARP and DHCP issues, thus being back
on the list, but those are for another thread.

> Yeah, I tried them all, including patching the kernel with some
> suggested patches, but never got load balancing to work, so I gave it up
> a long time ago.

Load balancing is a tricky thing. It has to be done from the outside in by
DNS round robin, and from the inside out via multipath gateways etc. Not
sure if it's still current and/or valid. I could not find the patches
from yesteryear, but along with Julian's dead gateway patches there were
patches for NAT and multipath. In a nutshell, the Linux box must be
doing NAT. Without NAT, no go on load balancing. I used to do two rounds
of NAT/PAT: one on the routers, then again on the Linux box.

> In the end, I put the default route on one interface, and selected
> manually what would go via the other via fwmark and/or source routing
> and/or standard routing (i.e. dest routing).

So far I have not had to use fwmark or other means to classify packets
etc. I am doing it based on sources atm. Working fine for the most part. A
few quirks but no show stoppers or major issues.

-- 
Sincerely,
William L. Thomson Jr.
Obsidian-Studios, Inc.
http://www.obsidian-studios.com
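
The setup both posters describe (SNAT on static uplinks, default route on one interface, a second LAN steered to the other uplink by source-based policy routing), as an added example that is not part of the thread. All interface names, addresses and the table number are constructed placeholders; DRY_RUN=1 prints the commands instead of running them.

```shell
#!/bin/sh
# Added example: SNAT on two static-IP uplinks plus source-based policy
# routing. Addresses, interfaces and table 100 are constructed placeholders.

WAN1_IF=eth0; WAN1_IP=203.0.113.10; WAN1_GW=203.0.113.1   # static uplink 1
WAN2_IF=eth1; WAN2_IP=198.51.100.10; WAN2_GW=198.51.100.1 # static uplink 2
LAN_A=192.168.1.0/24   # follows the main table's default route (WAN1)
LAN_B=192.168.2.0/24   # selected by source address to leave via WAN2
TABLE_B=100            # routing table holding WAN2's default route

# Run a command, or just print it when DRY_RUN=1 (review before applying).
run() { if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi; }

nat_rules() {
    # SNAT takes the fixed address explicitly; MASQUERADE looks the address
    # up per packet and is meant for interfaces whose address changes.
    run iptables -t nat -A POSTROUTING -s "$LAN_A" -o "$WAN1_IF" -j SNAT --to-source "$WAN1_IP"
    run iptables -t nat -A POSTROUTING -s "$LAN_B" -o "$WAN2_IF" -j SNAT --to-source "$WAN2_IP"
    # Forward only LAN-originated flows and their replies; drop everything else.
    run iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    run iptables -A FORWARD -s "$LAN_A" -o "$WAN1_IF" -j ACCEPT
    run iptables -A FORWARD -s "$LAN_B" -o "$WAN2_IF" -j ACCEPT
    run iptables -A FORWARD -j DROP
}

policy_routing() {
    # Main table: default via WAN1. Table 100: default via WAN2, chosen by source.
    run ip route replace default via "$WAN1_GW" dev "$WAN1_IF"
    run ip route replace default via "$WAN2_GW" dev "$WAN2_IF" table "$TABLE_B"
    run ip rule add from "$LAN_B" lookup "$TABLE_B"
    # Traffic sourced from WAN2's own address must also leave via WAN2,
    # otherwise it exits WAN1 carrying WAN2's source and is dropped upstream.
    run ip rule add from "$WAN2_IP" lookup "$TABLE_B"
    run ip route flush cache
}

# Print the complete command set without touching the system.
rules_for_review() {
    DRY_RUN=1
    nat_rules
    policy_routing
}
```

Run `rules_for_review` first and check the printed rules; without DRY_RUN the functions apply them and need root.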

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
