On Thursday 12 January 2012 5:28:39 pm Andrew Beverley wrote: > On Thu, 2012-01-12 at 16:51 -0500, Dimitri Yioulos wrote: > > Hi, folks. > > > > Please bear with me. I may have asked something similar in > > the way-back, but am going to ask again, because I really > > need to get this set up, have absolutely no idea how, and am > > pertrified at the prospect: > > > > I currently have an iptables/Netfilter firewall router > > configured thusly: > > > > WAN > > > > (192.168.x.x) LAN -- fw -- DMZ (10.x.x.x) > > > > OK, pretty basic. And, it has worked well for a long time. > > > > Now, I need to add a second WAN (provided by a second > > provider). I need it to serve specific boxes in the DMZ, both > > inbound and outbound. Currently, all boxes in the DMZ are > > served by the single WAN connection. I'm not sure what other > > information I need to provide you, but I'm hoping you all can > > help with very specific instructions or a very detailed > > how-to > > If you check the list archives there's been a few discussions > on this recently (search for load balancing). > > One way of doing it is marking each connection and balancing > those, as described in this excellent web page: > > http://www.sysresccd.org/Sysresccd-Networking-EN-Iptables-and-n >etfilter-load-balancing-using-connmark > > Andy > > > -- > To unsubscribe from this list: send the line "unsubscribe > netfilter" in the body of a message to > majordomo@xxxxxxxxxxxxxxx > More majordomo info at > http://vger.kernel.org/majordomo-info.html Thank, Andy. I'll give it a read. I'm not sure I'm after load balancing, though, but rather dedicating one WAN to a specific set of machines, if that's even possible. Also, I've seen how-to's on the NET, but all assume that you're starting fresh, and adding two WAN connections. I already have one in place, and working fine. Dimitri -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
