On Thu, 2012-01-12 at 17:48 -0500, Dimitri Yioulos wrote:
> > > Now, I need to add a second WAN (provided by a second
> > > provider). I need it to serve specific boxes in the DMZ, both
> > > inbound and outbound. Currently, all boxes in the DMZ are
> > > served by the single WAN connection. I'm not sure what other
> > > information I need to provide you, but I'm hoping you all can
> > > help with very specific instructions or a very detailed
> > > how-to
> >
> > If you check the list archives there's been a few discussions
> > on this recently (search for load balancing).
> >
> > One way of doing it is marking each connection and balancing
> > those, as described in this excellent web page:
> >
> > http://www.sysresccd.org/Sysresccd-Networking-EN-Iptables-and-netfilter-load-balancing-using-connmark
> >
>
> Thanks, Andy. I'll give it a read. I'm not sure I'm after load
> balancing, though, but rather dedicating one WAN to a specific
> set of machines, if that's even possible.

Ah, sorry, you did say that, I just misread your email (and original diagram of course!)

> Also, I've seen
> how-to's on the NET, but all assume that you're starting fresh,
> and adding two WAN connections. I already have one in place, and
> working fine.

Well that should be pretty easy to be honest. What Lloyd wrote looks pretty spot-on, and is the way that I would approach this problem.

Andy