Multiple Gateways
Here is my situation:
I'm using SuSE 9.1 Pro. I have two DSL connections, both managed with Linksys routers.

Linksys #1 - 192.168.1.1
Linksys #2 - 192.168.1.50

I have the Linux box with two network cards set up as a gateway for the internal LAN.

eth0 - 192.168.0.1
eth1 - 192.168.1.253

The default route right now on the Linux box is 192.168.1.1 (Linksys #1). I have successfully set up NATing on the Linux box. Right now my internal LAN points to 192.168.0.1 for a gateway and has internet access on Linksys #1. I can simply switch my default gateway on the Linux box to 192.168.1.50 and then everyone has access on the second DSL connection (Linksys #2).

What I need to do is get everyone accessing the net on the first DSL connection except for three clients. I want three hosts on the internal LAN

192.168.1.51
192.168.1.52
192.168.1.53

to use the same gateway as everyone else (192.168.0.1) but get routed to use the second DSL connection (192.168.1.50).

I have fooled around with NATing rules and route commands without success. I am wondering if this "conditional routing" is possible with my current setup? I have been able to set up multiple gateways depending on the traffic destination using route add -net etc... but that does not fully help me in my situation.

I hope this is clear. If I have missed sharing any needed information, please let me know and I will be happy to share more information.

Thanks so much for any light shed on my problem. Sam |
You didn't show your masks. I would really separate the subnets if I were you. It would make routing much easier.
ken |
I would think you need to use Iptables. Try using the -s command in your masquerade statement. I haven't tried this but it may work.. If you are interested in this solution I can help more.
I did the same thing for a client once but I used two linux boxes because of proximity. I set static routes with a batch file on the pc's to use one firewall for specific destinations and the other for other surfing. m |
Thanks for answering guys.
Couple of things:

If I subnet I am worried that the internal LAN won't be able to communicate with each other, including printers and NetBIOS etc... Right now everything is on 255.255.255.0.

As far as the iptables are concerned, that is what I am using now, but I am using firewallbuilder to build my rules. I tried NATing those three IP addresses to a specific NIC (eth2) then making the gateway for that NIC 192.168.1.50.

Is there a way with iptables that I can forward certain hosts directly to another gateway?

Thanks again for your thoughts, I really appreciate them. Sam |
Yeah, I think you can masq to different gateways with iptables. Try to find where the firewall builder is putting the statement that says all traffic from the internal host masq out through the external interface. Manually edit that file and add the "iptables ... -s x.x.x.x ..." command. The -s specifies the source address. At least read up on the -s command for iptables and see if it can do what you want.
m |
Alright, I will check to see what this -s switch is all about.
Thanks, |
The tutorial of Multihomed Linux Networking is exactly what you are looking for!
|
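Selecting a gateway by the client's source address, as asked in this thread, can be done with iproute2 policy routing: a second routing table plus one `ip rule` per host. The script below is an added example, not part of the thread or the linked tutorial; the function names, table id 200 and the outside interface `eth1` are assumptions, and the host addresses are copied from the question as written.

```shell
#!/bin/sh
# Added example (not from the thread): print the iproute2 commands that send
# selected source addresses out through a second gateway.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# policy_route_plan TABLE GATEWAY DEV SUBNET HOST...
# Prints one command per line and runs nothing itself, so the plan can be
# reviewed before it is piped to a root shell.
policy_route_plan() {
    [ "$#" -ge 5 ] || { echo "usage: policy_route_plan TABLE GW DEV SUBNET HOST..." >&2; return 2; }
    table=$1 gw=$2 dev=$3 subnet=$4
    shift 4
    # Validate everything first so a bad address produces no partial plan.
    is_ipv4 "$gw" || { echo "bad gateway: $gw" >&2; return 1; }
    for host in "$@"; do
        is_ipv4 "$host" || { echo "bad host: $host" >&2; return 1; }
    done
    # The extra table needs the connected route as well as the default route,
    # otherwise traffic for the gateway subnet itself would also go via $gw.
    echo "ip route add $subnet dev $dev table $table"
    echo "ip route add default via $gw dev $dev table $table"
    for host in "$@"; do
        # Packets from this source consult $table instead of the main table.
        echo "ip rule add from $host/32 lookup $table"
    done
}

# Addresses as given in the question; 200 is an assumed free table id.
policy_route_plan 200 192.168.1.50 eth1 192.168.1.0/24 \
    192.168.1.51 192.168.1.52 192.168.1.53
```

All other clients keep using the main table and its default route via 192.168.1.1. Check the result with `ip rule show` and `ip route show table 200` after applying the printed commands as root.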
This article is brilliant.
I have looked over it a couple of times and I am almost getting it now... Using this article and learning how it works, will I be able to specify which internal clients get which gateway? I think that I would be able to manipulate the commands from the article to do this. Do you know if I am correct in assuming that? |
Your best bet to specify which clients get which gateway is to set up a DHCP server on your server and assign gateways to hosts. You could even group them together.
eg. (dhcpd.conf) Code:
group { |
I have multiple gateways done according to the tutorial that is posted in this thread. From my experience I have to say that it doesn't work well in certain circumstances. It all depends on what kind of services you use.
For example, if you log into a DC++ hub (P2P) you will be kicked often. Why? Because the hub will indicate that a different IP is used for the connection to the hub and the connection to other users. Also, it doesn't work well for gaming. Different gateways will give your connection different latency=ping=lag, which results in strange effects and disconnections. On the other hand, it works great with WWW. Go and hack it; if you manage to solve the problems, let me know. But for real multiple gateways I'm afraid a BGP router should be used --> see "zebra" |