Re: Fedora Firewall with multiple public IPs

From: Bill Davidsen <davidsen@xxxxxxx>
Date: Sat, 03 Oct 2009 15:17:06 -0400

Gabriel - IP Guys wrote:

Thank you for taking the time to read my message.

I wish to build a fedora box that will take control of all my ADSL connections – I use 2 ADSL modems with Ethernet connections, and multiple public static IPs on each. I wish for my internal network to only see one gateway, and have the gateway determine which route is the best route based on traffic type, and route availability.

As far as I'm concerned, it should follow these ‘basic’ rules

· All traffic goes via my unlimited connection (with the exception of)

· Email – Goes via an SMTP relay for one of our providers, which has been added to our DNS

· SIP traffic goes via the same provider, as they provide a rock solid connection

If my A1 provider is absent for any reason, then use my B1 provider, until A1 comes backup. Any ideas, and suggestions will be appreciated J

Make the cheap unlimited ISP the default route, use the mangle table to MARK the connections you want to go through the other ISP, then use a source route based on the MARK to force the packets out the non-default interface. Use the nat table to SNAT the marked packets to the correct source address.

I do that at several sites.

--
Bill Davidsen <davidsen@xxxxxxx>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

Follow-Ups:
- Re: Fedora Firewall with multiple public IPs
  - From: Tait Clarridge

References:
- Fedora Firewall with multiple public IPs
  - From: Gabriel - IP Guys

Prev by Date: Re: Viewing answers to one's nntp posts in Thunderbird
Next by Date: Re: CF and Swap
Previous by thread: Re: Fedora Firewall with multiple public IPs
Next by thread: Re: Fedora Firewall with multiple public IPs
Index(es):
- Date
- Thread

Relevant Pages

Re: Fedora Firewall with multiple public IPs
... I wish to build a fedora box that will take control of all my ADSL ... connections – I use 2 ADSL modems with Ethernet connections, ... and have the gateway determine which route is the best route based ...
(Fedora)
Fedora Firewall with multiple public IPs
... I wish to build a fedora box that will take control of all my ADSL ... connections - I use 2 ADSL modems with Ethernet connections, ... best route based on traffic type, ...
(Fedora)
Packet routing by source IP
... I have two internet connections and a lan on which I run a server. ... ISP connection 1 goes into a linux router and the connection 2 goes ... iptables has a ROUTE target and can route the packets by source IP. ...
(comp.os.linux.networking)
Re: Multiple internet connections routing.
... >> connections end up on the same gateway machine) whenever first ... >> register their addresses as your primary and secondary DNS ... A connection surveillance mechanism, triggering a route switching ... And the route switching script itself. ...
(comp.os.linux.networking)
Re: Network Setup Advice
... This lets inbound connections work for mail, ... lest you have the neighborhood skript-kiddy surfing pr0n and sending ... and that is going to have to be the route ... are going to have considerable confusion over which interface to use. ...
(comp.os.linux.networking)