Hi, I'm configuring a server that is connected to two ISPs and I'm having a hard time making it work. I followed the instructions in http://www.debian-administration.org/articles/377 but it's written with a router in mind, so I guess that I'm missing something... My setup is: ISP1 gives me a.b.200.0/24 ISP2 gives me c.d.57.160/27 The server in question has 4 NICs. The default gateway is with ISP1 and I'm having trouble reaching the server from the outside via ISP2. Here's the relevant part of /etc/network/interfaces: ########### auto eth1 iface eth1 inet static address a.b.200.226 netmask 255.255.255.0 post-up ip route add a.b.200.0/24 dev eth1 src a.b.200.226 table isp1A post-up ip route add default via a.b.200.1 table isp1A post-up ip rule add from a.b.200.226 table isp1A post-down ip rule del from a.b.200.226 table isp1A auto eth2 iface eth2 inet static address c.d.57.186 netmask 255.255.255.224 post-up ip route add c.d.57.160/27 dev eth1 src c.d.57.186 table isp2A post-up ip route add default via c.d.57.161 table isp2A post-up ip rule add from c.d.57.186 table isp2A post-down ip rule del from c.d.57.186 table isp2A auto eth2:0 iface eth2:0 inet static address c.d.57.172 netmask 255.255.255.224 post-up ip route add c.d.57.160/27 dev eth1 src c.d.57.172 table isp2B post-up ip route add default via c.d.57.161 table isp2B post-up ip rule add from c.d.57.172 table isp2B post-down ip rule del from c.d.57.172 table isp2B auto eth2:1 iface eth2:1 inet static address c.d.57.166 netmask 255.255.255.224 post-up ip route add c.d.57.160/27 dev eth1 src c.d.57.166 table isp2C post-up ip route add default via c.d.57.161 table isp2C post-up ip rule add from c.d.57.166 table isp2C post-down ip rule del from c.d.57.166 table isp2C ########### And I added this rule in /etc/rc.local: ip route add default scope global \ nexthop via a.b.200.1 dev eth1 weight 2 nexthop via c.d.57.161 dev eth2 weight 1 ########### gfk@lb2:~$ ip route list table main c.d.57.160/27 dev eth2 proto kernel scope link src c.d.57.186 a.b.200.0/24 dev eth1 proto kernel scope link src a.b.200.226 10.20.30.0/24 dev eth0 proto kernel scope link src 10.20.30.16 default via a.b.200.1 dev eth1 gfk@lb2:~$ ip route list table isp1A a.b.200.0/24 dev eth1 scope link src a.b.200.226 default via a.b.200.1 dev eth1 gfk@lb2:~$ ip route list table isp2A c.d.57.160/27 dev eth1 scope link src c.d.57.186 default via c.d.57.161 dev eth2 gfk@lb2:~$ ip route list table isp2B c.d.57.160/27 dev eth1 scope link src c.d.57.172 default via c.d.57.161 dev eth2 gfk@lb2:~$ ip route list table isp2C c.d.57.160/27 dev eth1 scope link src c.d.57.166 default via c.d.57.161 dev eth2 ########### My problem is that from the outside of the subnet, I can connect to c.d.57.186 (eth2) but not c.d.57.172 (eth2:0) or c.d.57.166 (eth2:1) Thanks a lot for the help, GFK's -- Guillaume Filion http://guillaume.filion.org/
Attachment:
signature.asc
Description: OpenPGP digital signature