tenko20xx 02-12-2009 05:41 PM

Advanced routing based on outgoing port
We currently have two uplinks that we can use here but only one is in use. The other we use as a backup for when our main uplink fails. I've recently read about how I can set up our router to be connected to both and use them simultaneously to do load balancing, which is awesome. What I'd really like to happen though is for us to be able to send FTP through one uplink and everything else through the other.

One of our connections is a 3Mbps-down/up connection and the other is 10Mbps-down/768Kbps-up and a couple days out of the week, we upload a few gigs worth of jpegs to our webserver. That tends to typically take up a lot of bandwidth and slow everyone else down. So it would be optimal if FTP had its own dedicated line so that it doesn't use up everyone else's bandwidth and because our backup uplink actually has faster upload speeds. So in summary, the configuration I would like is:

FTP -> 3Mbps Connection
All other services -> 10Mbps/768Kbps Connection

I would really like this to be available to the entire network as opposed to having a single system that has its own dedicated line out to the Internet that we use to FTP. Is there any way this can be accomplished?

Valkyr1e 02-14-2009 11:11 AM

You need to set up a routing protocol and ACL for you to do this. It can also be done with static routes too by including a different metric for each link.
Basic example of commands for a Cisco router would be:
R1 = ISP(s)
R2 = your router

Link1 = ftp
Link2 = *

Link 1 on R1 to R2 will be
Link 2 on R1 to R2 will be

on R1 (the ISP(s) routers)

router ospf 1
network area 0
network area 0

on R2 (your router)

host R2

interface fas 0
description for FTP only
ip access-group 101 out

interface fas 1
description for everything else
ip access-group 102 out

router ospf 1 area 0 area 0
log detail

access-list 101 remark For ftp only
access-list 101 permit tcp any any eq 20
access-list 101 permit tcp any any eq 21
access-list 101 deny ip any any log
access-list 102 remark For everything else
access-list 102 permit ip any any

Now this is just to give you the basic idea. You are probably NOT using OSPF on your internet interfaces, as OSPF is an internal routing protocol. If you can, get BGP set up between you and your ISPs; if you can't, then just do static routing and say that one link has a better metric than the other. Now, I can't help much with BGP as I am not well versed in that yet :P (am working on that though). Anyway, I hope this helps.

Valkyr1e 02-14-2009 12:18 PM

One other note: you can also do this on a host-based router via Linux. Check out

and for routing protocols go by
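
The Linux host-based approach mentioned in the reply above, as an added example that is not part of the thread or any poster's own configuration: FTP control and data connections coming from the LAN are marked with a firewall mark, and marked packets use a separate routing table whose default route is the FTP uplink. Interface names, the gateway address, the mark value and the table number are constructed placeholders.

```shell
#!/bin/sh
# Added example: policy routing for FTP on a Linux router (dry run by default).
# All values below are constructed placeholders, not taken from the thread.
LAN_IF=eth0        # assumed LAN-facing interface
FTP_IF=eth1        # assumed interface on the 3Mbps uplink
FTP_GW=192.0.2.1   # assumed gateway on that uplink (documentation address)
MARK=1             # firewall mark carried by FTP packets
TABLE=100          # extra routing table holding the FTP default route

# Prints the commands in the order they should be applied:
#  1. load the FTP conntrack/NAT helper so data connections are tracked
#  2. attach the helper explicitly to control connections (port 21);
#     newer kernels do not assign helpers automatically
#  3. mark the control connection (destination port 21)
#  4. mark data connections the helper expects (passive and active mode);
#     they use arbitrary ports, so a port match alone would miss them
#  5. default route for marked traffic in its own table
#  6. rule selecting that table by mark
#  7. source NAT on the FTP uplink so replies return on the same link
#  8. loose reverse-path filtering, because replies arrive on an interface
#     that is not the main table's default route
ftp_policy_rules() {
    cat <<EOF
modprobe nf_nat_ftp
iptables -t raw -A PREROUTING -i $LAN_IF -p tcp --dport 21 -j CT --helper ftp
iptables -t mangle -A PREROUTING -i $LAN_IF -p tcp --dport 21 -j MARK --set-mark $MARK
iptables -t mangle -A PREROUTING -i $LAN_IF -m helper --helper ftp -j MARK --set-mark $MARK
ip route add default via $FTP_GW dev $FTP_IF table $TABLE
ip rule add fwmark $MARK lookup $TABLE
iptables -t nat -A POSTROUTING -o $FTP_IF -j MASQUERADE
sysctl -w net.ipv4.conf.$FTP_IF.rp_filter=2
EOF
}

# Dry run unless APPLY=1 is set; applying requires root.
if [ "${APPLY:-0}" = 1 ]; then
    ftp_policy_rules | sh -e
else
    ftp_policy_rules
fi
```

Run it with `APPLY=1` as root to execute the printed commands instead of only listing them. The helper can only follow data connections whose control channel it can read, so FTP over TLS data connections will not be marked and will leave through the other uplink.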
