hi list,
i have a problem, we have a webserver behind a firewall. the firewall had one public IP address and was working fine. today i added a second nic to the firewall, with a different public IP address. and i want to use both public addresses to access the webserver.
i did read larct howto for this case (
http://www.lartc.org/lartc.html#AEN267) and made an script with it, but it is not working as expected. all response packets to requests to nic with second ip address eth4 (newer) are sent through nic of the the first ip address eth3 (the old one, that is also my default gateway). eth2 is the nic connecting with the webserver.
route -n in firewall:
~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
XX.220.XX.176 0.0.0.0 255.255.255.255 UH 0 0 0 eth3
YY.20.YY.0 0.0.0.0 255.255.255.255 UH 0 0 0 eth4
XX.220.XX.176 0.0.0.0 255.255.255.252 U 0 0 0 eth3
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
YY.20.YY.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4
0.0.0.0 XX.220.XX.177 0.0.0.0 UG 0 0 0 eth3
the script:
~# cat /etc/network/routes.sh
#!/bin/bash
P1_NET=YY.20.YY.0
IF1=eth4
IP1=YY.20.YY.3
P1=YY.20.YY.2
P2_NET=XX.220.XX.176
IF2=eth3
IP2=XX.220.XX.178
P2=XX.220.XX.177
ip route add $P1_NET dev $IF1 src $IP1 table T1
ip route add default via $P1 table T1
ip route add $P2_NET dev $IF2 src $IP2 table T2
ip route add default via $P2 table T2
ip route add $P1_NET dev $IF1 src $IP1
ip route add $P2_NET dev $IF2 src $IP2
ip route add default via $P2
ip rule add from $IP1 table T1
ip rule add from $IP2 table T2
that's it, i am not an expert with routing, so any help is very welcome.
--
Roberto Scattini