Server with two ISPs and multiple IPs

To: debian-isp@lists.debian.org
Subject: Server with two ISPs and multiple IPs
From: Guillaume Filion <gfk@logidac.com>
Date: Thu, 26 Feb 2009 12:56:10 -0500
Message-id: <[🔎] 49A6D7BA.2040608@logidac.com>

Hi,

I'm configuring a server that is connected to two ISPs and I'm having
a hard time making it work. I followed the instructions in
http://www.debian-administration.org/articles/377 but it's written with
a router in mind, so I guess that I'm missing something...

My setup is:
ISP1 gives me a.b.200.0/24
ISP2 gives me c.d.57.160/27
The server in question has 4 NICs.
The default gateway is with ISP1 and I'm having trouble reaching the
server from the outside via ISP2.

Here's the relevant part of /etc/network/interfaces:
###########
auto eth1
iface eth1 inet static
 address a.b.200.226
 netmask 255.255.255.0
 post-up ip route add a.b.200.0/24 dev eth1 src a.b.200.226 table isp1A
 post-up ip route add default via a.b.200.1 table isp1A
 post-up ip rule add from a.b.200.226 table isp1A
 post-down ip rule del from a.b.200.226 table isp1A

auto eth2
iface eth2 inet static
 address c.d.57.186
 netmask 255.255.255.224
 post-up ip route add c.d.57.160/27 dev eth1 src c.d.57.186 table isp2A
 post-up ip route add default via c.d.57.161 table isp2A
 post-up ip rule add from c.d.57.186 table isp2A
 post-down ip rule del from c.d.57.186 table isp2A

auto eth2:0
iface eth2:0 inet static
 address c.d.57.172
 netmask 255.255.255.224
 post-up ip route add c.d.57.160/27 dev eth1 src c.d.57.172 table isp2B
 post-up ip route add default via c.d.57.161 table isp2B
 post-up ip rule add from c.d.57.172 table isp2B
 post-down ip rule del from c.d.57.172 table isp2B

auto eth2:1
iface eth2:1 inet static
 address c.d.57.166
 netmask 255.255.255.224
 post-up ip route add c.d.57.160/27 dev eth1 src c.d.57.166 table isp2C
 post-up ip route add default via c.d.57.161 table isp2C
 post-up ip rule add from c.d.57.166 table isp2C
 post-down ip rule del from c.d.57.166 table isp2C
###########
And I added this rule in /etc/rc.local:
ip route add default scope global \
  nexthop via a.b.200.1 dev eth1 weight 2
  nexthop via c.d.57.161 dev eth2 weight 1
###########
gfk@lb2:~$ ip route list table main
c.d.57.160/27 dev eth2  proto kernel  scope link  src c.d.57.186
a.b.200.0/24 dev eth1  proto kernel  scope link  src a.b.200.226
10.20.30.0/24 dev eth0  proto kernel  scope link  src 10.20.30.16
default via a.b.200.1 dev eth1
gfk@lb2:~$ ip route list table isp1A
a.b.200.0/24 dev eth1  scope link  src a.b.200.226
default via a.b.200.1 dev eth1
gfk@lb2:~$ ip route list table isp2A
c.d.57.160/27 dev eth1  scope link  src c.d.57.186
default via c.d.57.161 dev eth2
gfk@lb2:~$ ip route list table isp2B
c.d.57.160/27 dev eth1  scope link  src c.d.57.172
default via c.d.57.161 dev eth2
gfk@lb2:~$ ip route list table isp2C
c.d.57.160/27 dev eth1  scope link  src c.d.57.166
default via c.d.57.161 dev eth2
###########

My problem is that from the outside of the subnet, I can connect to
c.d.57.186 (eth2) but not c.d.57.172 (eth2:0) or c.d.57.166 (eth2:1)

Thanks a lot for the help,
GFK's
-- 
Guillaume Filion
http://guillaume.filion.org/

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: Server with two ISPs and multiple IPs
  - From: Alex <trace.localhost@gmail.com>

Prev by Date: Re: (solved) mpm-itk "Permission denied: unable to connect to cgi daemon after multiple tries:"
Next by Date: Re: Server with two ISPs and multiple IPs
Previous by thread: Re: (solved) mpm-itk "Permission denied: unable to connect to cgi daemon after multiple tries:"
Next by thread: Re: Server with two ISPs and multiple IPs
Index(es):
- Date
- Thread