(resending due to firewalls breakage) From: "Paul D. Robertson" <[EMAIL PROTECTED]> To: garentsen <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Subject: Re: (no subject) In-Reply-To: <[EMAIL PROTECTED]>
On Sat, 12 Jan 2002, garentsen wrote: > not sure whether this is the right group for firewall issues in > Linux but here goes: > > I've got two ISP's providing me with 10 Mbit and 3 Mbit internet > access at home. I would like to set up my Linux (or any other OS) > firewall to distribute my load evenly between theese two. Outbound that's probably fairly easy to do with QoS code- and Linux has QoS code in the kernel if you enable it- however if it's two ISPs, they probably have different address spaces, and hopefully won't accept traffic advertised from the wrong one, or advertise each others traffic without a prior agreement. Without exchanging route information with the providers, you'd need to do some sort of stream-based routing- probably throwing some NAT in the mix would help somewhat. There's also probably a way with gated and IP_ROUTE_MULTIPATH. I'd expect that you'd have more success asking on a QoS list- surely the class based queuing stuff has gone there before. I know there was also some *BSD nat stuff that was looking to do the same sorts of things a while back, so checking there might help also. > I have no need of a DMZ but my internal network has an NT server > with IIS running. I would like to configure the FW so that any > request to IIS from either inbound connection can be served. I hope you're very dilligent in applying patches, removing mapings, nuking samples, etc. > I've looked at a dozen different firewall solutions for Linux but > found none that could facilitate this. Has anyone done something > like, and is it even possible/managable? It's not a firewall issue, it's a routing/QoS issue. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions [EMAIL PROTECTED] which may have no basis whatsoever in fact." _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
