Has anyone of you set up a NAT server connecting to more than one ISP? We are switching isp's and I wanted to avoid downtime by using both networks simultaneously for some time.
My preliminary findings: I have two cards connected to cable modems and have read the brillant Linux Advanced Routing and Traffic Control Howto, which explains how to set up a linux machine to connect to more than one ISP, however, it starts from scratch using the iproute package. I have handled the NAT of my internal network with the ipmasq debian package and I like not having to write every rule by hand (especially when a ppp link comes up, which is the case for me with vpn connections). I'm not worried about load balancing or anything like that yet, I would only like to be visible on both networks and route all masqeraded traffic through one of the links. So what do you suggest, should I 1) Write everything by hand, not using ipmasq, 2) Extend ipmasq's rules somehow to fire the routing tables up correctly 3) Just run a script after ipmasq to introduce For your information, that's how far I came: root# ip route show xx.yy.zz.16/29 dev eth2 proto kernel scope link src xx.yy.zz.17 aa.bb.cc.160/28 dev eth0 proto kernel scope link src aa.bb.cc.162 10.0.0.0/8 dev eth1 proto kernel scope link src 10.0.0.1 default via aa.bb.cc.161 dev eth0 I tried introducing a second default route: default via xx.yy.zz.22 dev eth2 src xx.yy.zz.17 The second default route is never reached, so my idea of avoiding routing tables using a src for the gateway didn't work. Swapping the default routes gets eth2 pinging but eth0 switches off. I can see the pings on the card without a default gateway attached coming in (with tcpdump) but the kernel seems to reply the ping on the default gateway. root# grep eth0 /etc/ipmasq/rules/A01precompute.rul export EXTERNAL="eth0 eth2" [blue:~] root# ifconfig eth0 Link encap:Ethernet HWaddr 00:04:75:AD:6B:C9 inet addr:aa.bb.cc.162 Bcast: aa.bb.cc.175 Mask:255.255.255.240 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3249800 errors:0 dropped:0 overruns:0 frame:0 TX packets:3410039 errors:0 dropped:0 overruns:0 carrier:42 collisions:7905 RX bytes:1235492433 (1.1 GiB) TX bytes:1549390655 (1.4 GiB) eth1 Link encap:Ethernet HWaddr 00:04:76:0E:C1:1D inet addr:10.0.0.1 Bcast:10.255.255.255 Mask:255.0.0.0 EtherTalk Phase 2 addr:65280/113 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5240114 errors:0 dropped:0 overruns:1 frame:0 TX packets:4930194 errors:0 dropped:0 overruns:0 carrier:1579 collisions:0 RX bytes:2028758870 (1.8 GiB) TX bytes:1876902432 (1.7 GiB) eth2 Link encap:Ethernet HWaddr 00:D0:B7:79:51:9F inet addr: xx.yy.zz.17 Bcast: xx.yy.zz.23 Mask:255.255.255.248 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:11565 errors:0 dropped:0 overruns:0 frame:0 TX packets:3579 errors:0 dropped:0 overruns:0 carrier:0 collisions:1 RX bytes:3456804 (3.2 MiB) TX bytes:458136 (447.3 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 EtherTalk Phase 2 addr:0/0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1083536 errors:0 dropped:0 overruns:0 frame:0 TX packets:1083536 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 RX bytes:139937541 (133.4 MiB) TX bytes:139937541 (133.4 MiB) Thank you for your help. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]