RE: Firewall configuration with two ISP

To: Mike Schmitz <mschmitz@colug.org>, debian-admintool@lists.debian.org, debian-isp@lists.debian.org, debian-firewall@lists.debian.org
Subject: RE: Firewall configuration with two ISP
From: "Graf, Christian" <Christian.Graf@enterasys.com>
Date: Mon, 2 Apr 2001 14:18:27 +0100
Message-id: <81AF79A406C2D311AD740090273CA35601426F0F@fra-exc1.ctron.com>

hi mike,

actual layer 4-switches will provide you with lots of nice features:
load-balancing between providers
wire speed acl
load-balancing using acl-rules
wire speed throughput
routing protocols and of course static-routes

if you need some more information, feel free to contact me

christian

-----Original Message-----
From: Mike Schmitz [mailto:mschmitz@colug.org]
Sent: Wednesday, March 28, 2001 10:29 PM
To: debian-admintool@lists.debian.org; debian-isp@lists.debian.org;
debian-firewall@lists.debian.org
Subject: Re: Firewall configuration with two ISP


On Wed, Mar 28, 2001 at 12:50:08PM +0530, Bala wrote:
> Hello
>   In Debian GNU/Linux, I have configured three network cards. I'm having
> leased line connection from two ISP's with two different series of IP
> addersses. With first card I, have configrued ISP1 and with second card, I
> have configured with ISP2. With the third card, I have configured my LAN.
> Now I'm able to ping both the ISP's gateway from my machine. But, I'm NOT
> able to access my machine with one of the Internet IP from Internet. What
> could be the problem??

There was a list of URL posted here in the debian-firewall mailing list.
One of them had a section that might be of interest.  It has the balancing 
for the opposite direction,  but it should help get you there.

http://www.linuxsecurity.com/feature_stories/kernel-netfilter.html

The appropriate section:

    So, to develop a simple and inexpensive load balanacing solution,
    you might use the following to have your firewall redirect some of 
    the traffic to each of the web servers at 192.168.1.100, 192.168.1.101 
    and 192.168.1.102, as follows: 

             #
             # Modify destination addresses to 192.168.1.100, 
             # 192.168.1.101, or 192.168.1.102

             # iptables -t nat -A POSTROUTING -i eth1 -j DNAT \
                     --to 192.168.1.100-192.168.1.102

-- 
Mike Schmitz<mschmitz@colug.org>	http://ddns.colug.org/mschmitz
	My thoughts on h4x0rs:  Consider the complacency
	and arrogance that would cause a porcupine to sleep
	on its' back.


--  
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org

Reply to:

Prev by Date: Re: Active & passive FTP
Next by Date: Re: Active & passive FTP
Previous by thread: Re: bridging
Next by thread: SSh
Index(es):
- Date
- Thread