[Shorewall-users] 4 nic linux router

niels@wxn.nl niels@wxn.nl
Sun, 8 Sep 2002 13:41:17 +0200


1.

> *ip route add 192.168.119.0/24 via 192.168.119.101 table 1

It's your local route to your local subnet... So there isn't a "via", I
think you mean:
#ip route add 192.168.119.0/24 dev ethX table 1

And this isn't correct either:
> ip rule add from 209.141.2.194 lookup 2
I think you meant:
#ip rule add from 209.141.2.194 pref 2

2. 

I never did this exact same setup before but I think it should work like
this:

Every interface has an IP address and subnet (for example /24) and an
interface number:

For example I made up these ifnumbers:
Eth0 = 66.92.114.46/24
Eth1 = 209.141.2.194/24
Eth2 = 192.168.119.101/24
Eth3 = 192.168.120.101/24

Then I would make the ip rules depending on the interface the packet arrives
on, and not the subnet!

So if I didn't overlook anything then this should work for you:

#ip ru add dev eth0 table 1 pref 1
#ip ru add dev eth2 table 1 pref 1
#ip ru add dev eth1 table 2 pref 2
#ip ru add dev eth3 table 2 pref 2
#ip ro add default via 66.92.114.33 dev eth0 table 1
#ip ro add default via 209.141.2.194 dev eth1 table 2
#ip ro add 192.168.119.0/24 dev eth2 table 1
#ip ro add 192.168.120.0/24 dev eth3 table 2


Hope it helps, 
Niels.


-----Original Message-----
From: Thad Marsh [mailto:thad@marshtek.com] 
Sent: Saturday, 7 September 2002 14:44
To: niels@wxn.nl; shorewall-users@shorewall.net
Subject: RE: [Shorewall-users] 4 nic linux router


Thanks Niels,
 
I had looked at the url you posted and it was in fact the closest bit of
information I had found to what I am trying to do.  The only problem was
that I wasn't trying to split 2 wan to one but rather 2 wan to 2 local.  I
tried doing this but it didn't seem to work.
The lists would not accept * line below, probably syntax but I could not
find:
 
ip rule add from 66.92.114.46 lookup 1
*ip route add 192.168.119.0/24 via 192.168.119.101 table 1
ip route add 0/0 via 66.92.114.33 table 1
 
ip rule add from 209.141.2.194 lookup 2
*ip route add 192.168.120.0/24 via 192.168.120.101 table 1
ip route add 0/0 via 209.141.2.194 table 1
 
ip rule list
0:      from all lookup local
32764:  from 209.141.2.194 lookup 2
32765:  from 66.92.114.46 lookup 1
32766:  from all lookup main
32767:  from all lookup 253
 
ip route list table 1
192.168.119.0/24 via 192.168.119.101 dev eth2
default via 66.92.114.33 dev eth0
 
ip route list table 2
192.168.120.0/24 via 192.168.120.101 dev eth3
default via 209.141.2.195 dev eth1
 
let me know if you see something easy?
 
 
-----Original Message-----
From: niels@wxn.nl [mailto:niels@wxn.nl]
Sent: Saturday, September 07, 2002 6:00 AM
To: Thad Marsh; shorewall-users@shorewall.net
Subject: RE: [Shorewall-users] 4 nic linux router
 
Hi,
 
This URL should help you out
 
http://lartc.org/howto/ (check chapter 4!)
 
Regards, Niels
 
 
-----Original Message-----
From: Thad Marsh [mailto:thad@marshtek.com] 
Sent: Saturday, 7 September 2002 2:40
To: shorewall-users@shorewall.net
Subject: [Shorewall-users] 4 nic linux router
 
I have scoured the net, gotten a few pointers from Tom (while he was on vaca,
thanks Tom) and looked at several books and still have not come up with a
satisfactory solution.  
 
I know someone has done it!  
 
Can someone point me to a reference for how to route two wan nics and two
internal nics on the same box.  
 
I have tried using ip add to setup two separate lookup tables and route
tables but to no avail. Any help greatly appreciated!
 
This is what I have 
 
66.92.114.46            209.141.2.194
     |                       |
         xxxxxxxxxxxxxxxx
   redhat 7.3 will run ShoreWall
         xxxxxxxxxxxxxxxx
192.168.119.101         192.168.120.101
     |                       |
each network will have servers running here
192.168.119.100         192.168.120.100
         xxxxxxxxxxxxxxxxx
           failover box
         xxxxxxxxxxxxxxxxx
         192.168.121.101
       internal mail server
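
The difference between the source-address rules and the interface-based rules discussed in this thread, modelled as an added example that is not part of the original messages. The /24 masks are the made-up ones from the reply, the table 2 gateway is the one shown in the "ip route list table 2" output, and the main table's default route and the outside address 198.51.100.7 are assumptions constructed for the example.

```python
import ipaddress

# Constructed model of the thread's setup. The /24 masks are the ones made up
# in the reply; the main table's default route is an assumption. Rule 0
# (lookup local) is left out because it only matters for the router's own IPs.
TABLES = {
    "1": [("192.168.119.0/24", "eth2", None), ("0.0.0.0/0", "eth0", "66.92.114.33")],
    "2": [("192.168.120.0/24", "eth3", None), ("0.0.0.0/0", "eth1", "209.141.2.195")],
    "main": [("66.92.114.0/24", "eth0", None), ("209.141.2.0/24", "eth1", None),
             ("192.168.119.0/24", "eth2", None), ("192.168.120.0/24", "eth3", None),
             ("0.0.0.0/0", "eth0", "66.92.114.33")],
}
ALL = (32766, ("all", None), "main")
# Rules keyed on the router's own WAN addresses, as in the "ip rule list" output.
FROM_RULES = [(32764, ("from", "209.141.2.194"), "2"),
              (32765, ("from", "66.92.114.46"), "1"), ALL]
# Rules keyed on the arrival interface (the reply's "dev ethX" selector).
IIF_RULES = [(1, ("iif", "eth0"), "1"), (1, ("iif", "eth2"), "1"),
             (2, ("iif", "eth1"), "2"), (2, ("iif", "eth3"), "2"), ALL]

def lookup(rules, src, dst, iif):
    """Return (table, out_dev, gateway) the way the policy rule walk picks it."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, (kind, value), table in sorted(rules, key=lambda r: r[0]):
        if kind == "from" and src not in ipaddress.ip_network(value):
            continue
        if kind == "iif" and iif != value:
            continue
        # Longest-prefix match inside the selected table; no match -> next rule.
        hits = [(ipaddress.ip_network(p), dev, gw)
                for p, dev, gw in TABLES[table] if dst in ipaddress.ip_network(p)]
        if hits:
            _net, dev, gw = max(hits, key=lambda h: h[0].prefixlen)
            return table, dev, gw
    return None

if __name__ == "__main__":
    # Forwarded packet from a server on the second LAN to an outside host
    # (198.51.100.7 is a documentation address, constructed for this example).
    pkt = ("192.168.120.100", "198.51.100.7", "eth3")
    print("from-rules:", lookup(FROM_RULES, *pkt))
    print("iif-rules: ", lookup(IIF_RULES, *pkt))
```

With the source-address rules a forwarded LAN packet never matches either rule and falls through to main, so it leaves on whatever WAN main prefers; with the interface rules it stays on its own WAN, and traffic between the two LANs has no route in its table and follows the default out the WAN side.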