seer_tenedos 03-26-2005 07:43 PM

2 networks and 2 internet connections on linux router
I am not a Linux expert. I will say that out front so you understand my level a little more. I have a few friends that use Linux every day and they help me, and I have a basic understanding of Linux and how to navigate it.

This is what I am trying to do. I have 2 internet connections: Bigpond and Internode. Bigpond is extremely fast but is expensive and limited to 1 GB a month. Internode is slower but is uncapped.

I also have 2 LANs. One is my parents', which will use the fast connection for everything at this stage. The second LAN is my own, which will use a mixture of the fast and slower connections. My LAN will use the slow connection for most things but will use the fast connection for web traffic.

At the minute I am just trying to get my parents' LAN to use the fast connection and mine to use the slow one, but I can't get it to work. I have followed many different guides on this all over the net but they all seem to be missing something.

Here is my network config:
bigpond gateway ip
internode gateway ip

My 4 cards on the Mandrake 10.1 server:
eth0 (my LAN)
eth1 (parents LAN)
eth2 (internode connection to gateway (
eth3 (bigpond connection to gateway (

Can anyone provide some info on how I should set this up? I have shorewall installed as well and I have enabled advanced routing. I have almost everything working with shorewall apart from selecting a different routing table with a different gateway depending on the interface the connection is coming from (eth0 or eth1). I have tried everything but no matter what I do it fails.

eth0 uses eth2 and its gateway for most internet traffic
eth1 uses eth3 for its gateway and most of its internet traffic
eth0 and eth1 need to be able to talk to each other as well.

While I would love for eth0 to use eth3 for some web and eth1 to use eth2 for some data, I would be happy for now just to get the above summary working.

I hope someone can please help me. I really can't find the info I need to do this.

Thanks in advance


Half_Elf 03-26-2005 09:03 PM

You probably need to set up some iptables rules now. Your system probably doesn't know where to send traffic right now. So you have to NAT connections from your parents' subnet to the fast ISP and the ones from you to the slow one. Something like:
iptables -t nat -A POSTROUTING -s -o eth2 -j MASQUERADE
This will work as long as your parents' gateway is the bigpond gateway (you might want to adjust your DHCP server to send the correct address).
Or you could force their traffic to be routed to the ISP too, with something like
iptables -t nat -A PREROUTING -s -j DNAT --to-destination
(but I really don't know how this will react with the masquerading, you will have to test).

With some time, you could really set up a nice router, with bandwidth throttling and dynamic routing :D

seer_tenedos 03-26-2005 11:20 PM

bit more detail please
I am about to try your commands but I suspect from what I have been reading that I need to do more than that.

I have been getting lost in the routing tables. My issue is that I have 2 different gateways and, depending on which interface the request comes from (eth0 or eth1), I need to use a different gateway.

What I really need is step by step instructions for both connections almost, or someone to point me to a set that is complete, or comment on what is missing. Assuming I know nothing about routing etc., I need to be able to just follow the steps and send requests to the internet and back for, say, web requests.

I am about to play around with the commands you gave me but if you could provide any more info it would be great.

Also, the traffic shaping etc. is planned but I am just trying to get the basic connection sharing working at the minute. The main issue I have is everything refers to load balancing but that is not what I want. I need set data to go out set connections, i.e. I hope to send all web out the fast one and all p2p out the slower one.


seer_tenedos 03-26-2005 11:22 PM

further info
Also please note that the gateways for the 2 LANs will be and so my Linux box will be the gateway for both.


seer_tenedos 03-26-2005 11:51 PM

both commands above failed
Both commands had a similar effect where all traffic was redirected to the gateways. This seems good at first but then I found out it is redirected to the gateway in a way that the gateway responds to requests and does not send them on to the internet. My ping tests looked great because the gateway responded to all pings. If I type in an invalid IP the gateway still responds. That's how I discovered what was happening.

Any other ideas?
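
An added example, not part of any post in this thread and not the poster's eventual solution: DNAT rewrites the packet's destination, which is why the gateway itself answered every ping, whereas picking an uplink by incoming interface is done with policy routing (`ip rule` with `iif`) plus source NAT on the way out. The eth0/eth2 and eth1/eth3 pairing comes from the thread; the gateway addresses and table numbers are constructed placeholders because the real addresses were not preserved.

```shell
#!/bin/sh
# Added example: one routing table per uplink, selected by incoming LAN interface.
# Gateway addresses are CONSTRUCTED placeholders (RFC 5737 documentation ranges).
INTERNODE_GW="192.0.2.1"     # placeholder: gateway reached via eth2
BIGPOND_GW="198.51.100.1"    # placeholder: gateway reached via eth3

# Print the commands that bind one LAN interface to one uplink.
# args: lan_if wan_if gateway table_id (table ids are arbitrary choices)
uplink_cmds() {
    lan_if=$1; wan_if=$2; gw=$3; table=$4
    # Private table holding only a default route out of the chosen uplink.
    echo "ip route replace default via $gw dev $wan_if table $table"
    # Consult main first but ignore its default route (prefix length 0), so
    # connected networks stay reachable and eth0 and eth1 can still talk.
    echo "ip rule add iif $lan_if lookup main suppress_prefixlength 0 priority $((table - 1))"
    # Everything else that entered on this LAN uses the private table.
    echo "ip rule add iif $lan_if lookup $table priority $table"
    # Source NAT on the way out; the destination address is left untouched.
    echo "iptables -t nat -A POSTROUTING -o $wan_if -j MASQUERADE"
}

plan() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    uplink_cmds eth0 eth2 "$INTERNODE_GW" 1000   # my LAN -> internode
    uplink_cmds eth1 eth3 "$BIGPOND_GW" 2000     # parents' LAN -> bigpond
}

# Dry run by default: print the plan. APPLY=1 (as root) executes it.
if [ "${APPLY:-0}" = "1" ]; then plan | sh -e; else plan; fi
```

If strict reverse-path filtering is enabled, replies arriving on the uplink that is not the main table's default can be dropped; loose mode (`rp_filter=2`) on the two WAN interfaces is the usual setting for this layout.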

seer_tenedos 03-27-2005 06:49 AM

Guys, I managed to solve the problem.

If anyone is interested in how to complete what I was asking above, just let me know and I will post how I did it.

I still have to implement directing some ports to the other internet connection but I know how to do most of this. If anyone knows where I can get a web GUI for shorewall that will let me set the mark on rule or TOS entry?

Regards, Chris

Chimpus 03-27-2005 07:24 AM

I'm also interested in a similar matter. Can you post the solution that worked for you?


