Hello list, I have a problem that has had me stumped for a couple of days: The local server LAN has two routers. Each of these has a public IP address to the world and an inside address on the LAN. Behind them on the LANare a webserver, a mailserver, etc. Both the routers should be doing PAT so that external ip A port 80 goes to internal webserver IP port 80 and external ip B port 80 goes to the same port. Now, this raises the very simple problem that the poor webserver can only have one default gateway, so it can't feed back packets properly to both routers. Very well, I thought I'd use iproute2 this way: Router A (which has internal IP intA and external IP extA) PATs extA:80 to webA:80 Router B PATs extB:80 to webB:80 . Webserver has webA and webB as IPs (aliases) on its eth0 device and it also has the following rules: 32762: from all to webA lookup routA 32763: from all to webB lookup routB Then it has the following routes: ip add route default via intA dev eth0 table routeA ip add route default via intB dev eth0 table routeB ip add route 10.0.0.0 dev eth0 Now, what this is intended to do is: when a packet hits routerA port 80, it PATs it to webA:80, the webserver recognises that the packet comes to its webA IP and feeds back the return packets to routerA. Same goes for routerB. Sounds fine, right? Except that it doesn't work. The only way I can get any packets back is if I say 'ip route add default via routerA||routerB dev eth0' - of course, this renders the other router useless. For reference, the routers are CISCO boxes running a 12.2T IP/FW Plus and the webserver is a Linux box running 2.4.17 and the debian iproute2 package. Thanks in advance. Help would be greatly appreciated. Regards, Luigi Fabio - lfabio_linux@smiling-web.com - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
