Network Routing Configuration
I have four network cards, detailed below. eth0 and eth3 connect to my ISPs, and eth1 and eth2 connect to local networks. I want to route all traffic from eth2 to eth0, and from eth1 to eth3. However, I am having a few problems with this.
gw: 192.168.100.254 (ISP)
gw: 192.168.20.253 (eth3)
gw: 192.168.100.253 (eth0)
gw: 192.168.20.254 (ISP)
I have tried setting up routing using these commands:
echo "ISP_1" >> /etc/iproute2/rt_tables
echo "ISP_2" >> /etc/iproute2/rt_tables
ip route add 192.168.4.0/22 dev eth2 src 192.168.7.253 table ISP_1
ip route add default via 192.168.100.253 table ISP_1
ip route add 192.168.0.0/22 dev eth1 src 192.168.3.253 table ISP_2
ip route add default via 192.168.20.253 table ISP_2
ip rule add from 192.168.7.253 table ISP_1
ip rule add from 192.168.3.253 table ISP_2
However, this yielded no success. I have also tried a simple iptables forwarding configuration (without the routing config above):
iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT
iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth3 -j ACCEPT
iptables -A FORWARD -i eth3 -o eth1 -j ACCEPT
# default policy
iptables -P FORWARD DROP
Again, with no success. I do have a reasonably complex firewall in place, but no other rules in the FORWARD section of the firewall. I have a number of open ports under INPUT for other services the machine provides, and nothing under OUTPUT.
In the NAT section, I have no rules in OUTPUT, a couple of MASQUERADING rules under POSTROUTING, and hundreds of rules under PREROUTING (accepting or denying machines based on their MAC).
I've had a few thoughts on this; do I need to have four default gateways configured; one for each network card? And do I need more (or any) forwarding rules in the firewall?
I have also got the following configured:
"echo 1 > /proc/sys/net/ipv4/ip_forward"
I've been struggling with this problem for some time now, and it's really starting to annoy me. I would really appreciate any feedback people could send me.