Hi,
I configured my front web server, which also runs Squid, to manage 2 providers now.
I followed the procedure from LARTC, which after a few (LOTS of) headaches works fine.
Mostly...
My Script
Code:
## Check : lartc.org/howto/lartc.rpdb.multiple-links.html
echo "[Configuration for Multiple Provider]"
# Connection 1 : Lease line
IF1="eth0"
IP1="203.0.0.5"
P1_GW="203.0.0.4"
# Network address of the /29 that holds IP1; "ip route add" rejects a prefix with host bits set
P1_NET="203.0.0.0/29"
# Connection 2 : ADSL
IF2="eth2"
IP2="10.0.1.2"
P2_GW="10.0.1.1"
P2_NET="10.0.1.0/24"
# Local Network
IF0="eth1"
IP0="10.0.0.1"
P0_GW="10.0.0.2"
P0_NET="10.0.0.0/24"
# Table
T1="201"
T2="202"
# Create routing tables for each provider
echo "Creating Default Routing Table"
ip route add $P1_NET dev $IF1 src $IP1 table $T1
ip route add default via $P1_GW table $T1
ip route add $P2_NET dev $IF2 src $IP2 table $T2
ip route add default via $P2_GW table $T2
# Create Main Route
echo "Creating Main Route"
ip route add $P1_NET dev $IF1 src $IP1
ip route add $P2_NET dev $IF2 src $IP2
ip route add $P0_NET dev $IF0 src $IP0
# Set Routing Rules
echo "Creating Routing Rules"
ip rule add from $IP1 table $T1
ip rule add from $IP2 table $T2
ip route add $P0_NET dev $IF0 table $T1
ip route add $P2_NET dev $IF2 table $T1
ip route add 127.0.0.0/8 dev lo table $T1
ip route add $P0_NET dev $IF0 table $T2
ip route add $P1_NET dev $IF1 table $T2
ip route add 127.0.0.0/8 dev lo table $T2
# Creating the Load Balancing
ip route add default scope global nexthop via $P1_GW dev $IF1 weight 1 nexthop via $P2_GW dev $IF2 weight 3
The problem is: this router/server is my web server as well, which has 2 web sites.
From outside, if I ping or do a traceroute to my server, sometimes it will go through one interface, eth0, or the second, eth1.
I think I need to restrict access to my web site (IP: 203.0.0.5) to only one interface, and block traffic between the two.
So, how can I block traffic from eth2 to eth0 without having an impact on the config?
Thanks for your help
Smadon
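
A model of the routing-policy lookup that the script above sets up, as an added example that is not part of the original post: it shows which table and interface a packet uses depending on its source address. The function names, the sample client address 198.51.100.7 and the omission of the kernel's `local` table are assumptions of this sketch.

```python
import ipaddress as ipa

# Interface, address and gateway values are copied from the posted script.
IF1, IP1, P1_GW = "eth0", "203.0.0.5", "203.0.0.4"   # leased line
IF2, IP2, P2_GW = "eth2", "10.0.1.2", "10.0.1.1"     # ADSL
IF0 = "eth1"                                          # local network
NET1 = ipa.ip_interface(IP1 + "/29").network          # the /29 that contains IP1
NET2 = ipa.ip_network("10.0.1.0/24")
NET0 = ipa.ip_network("10.0.0.0/24")
LO = ipa.ip_network("127.0.0.0/8")
ANY = ipa.ip_network("0.0.0.0/0")

def direct(dev):
    """Next-hop list for a directly connected prefix (no gateway)."""
    return [(None, dev)]

# table -> [(prefix, [(gateway, device), ...])]
TABLES = {
    "201": [(NET1, direct(IF1)), (NET0, direct(IF0)), (NET2, direct(IF2)),
            (LO, direct("lo")), (ANY, [(P1_GW, IF1)])],
    "202": [(NET2, direct(IF2)), (NET0, direct(IF0)), (NET1, direct(IF1)),
            (LO, direct("lo")), (ANY, [(P2_GW, IF2)])],
    "main": [(NET1, direct(IF1)), (NET2, direct(IF2)), (NET0, direct(IF0)),
             (ANY, [(P1_GW, IF1), (P2_GW, IF2)])],   # multipath default
}
# Evaluation order: each "ip rule add" without a priority is placed ahead of
# the rules added before it, and all of them come before the main table.
RULES = [(IP2, "202"), (IP1, "201"), (None, "main")]

def lookup(src, dst):
    """Return (table, next hops) for src -> dst; src=None is an unbound socket."""
    dst = ipa.ip_address(dst)
    for rule_src, table in RULES:
        if rule_src is not None and rule_src != src:
            continue                      # "from X" rule does not match
        hits = [(net, hops) for net, hops in TABLES[table] if dst in net]
        if hits:                          # longest prefix wins inside a table
            return table, max(hits, key=lambda h: h[0].prefixlen)[1]
    return None, []

def egress_devices(src, dst):
    """Devices the packet may leave on (more than one means multipath)."""
    return sorted({dev for _gw, dev in lookup(src, dst)[1]})

if __name__ == "__main__":
    remote = "198.51.100.7"               # constructed sample client address
    for src in (IP1, IP2, None):
        print(src, "->", remote, lookup(src, remote)[0], egress_devices(src, remote))
```

In this model, packets sourced from 203.0.0.5 always resolve through table 201 and eth0, while connections opened without a bound source address (for example outgoing proxy requests) fall through to the multipath default in the main table.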