RE: Firewall configuration with two ISP
actual layer 4-switches will provide you with lots of nice features:
load-balancing between providers
wire speed acl
load-balancing using acl-rules
wire speed throughput
routing protocols and of course static-routes
if you need some more information, feel free to contact me
From: Mike Schmitz [mailto:firstname.lastname@example.org]
Sent: Wednesday, March 28, 2001 10:29 PM
To: email@example.com; firstname.lastname@example.org;
Subject: Re: Firewall configuration with two ISP
On Wed, Mar 28, 2001 at 12:50:08PM +0530, Bala wrote:
> In Debian GNU/Linux, I have configured three network cards. I'm having
> leased line connection from two ISP's with two different series of IP
> addersses. With first card I, have configrued ISP1 and with second card, I
> have configured with ISP2. With the third card, I have configured my LAN.
> Now I'm able to ping both the ISP's gateway from my machine. But, I'm NOT
> able to access my machine with one of the Internet IP from Internet. What
> could be the problem??
There was a list of URL posted here in the debian-firewall mailing list.
One of them had a section that might be of interest. It has the balancing
for the opposite direction, but it should help get you there.
The appropriate section:
So, to develop a simple and inexpensive load balanacing solution,
you might use the following to have your firewall redirect some of
the traffic to each of the web servers at 192.168.1.100, 192.168.1.101
and 192.168.1.102, as follows:
# Modify destination addresses to 192.168.1.100,
# 192.168.1.101, or 192.168.1.102
# iptables -t nat -A POSTROUTING -i eth1 -j DNAT \
Mike Schmitz<email@example.com> http://ddns.colug.org/mschmitz
My thoughts on h4x0rs: Consider the complacency
and arrogance that would cause a porcupine to sleep
on its' back.
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact