Hi Steve, I am actually running the setup below (on LAN# 1) on Dachstein Kernel 2.2.19 based disk image v 1.0.2 and would definitely prefer to continue with it but would not mind using a different leaf image if advisable. The issues I raised were because I noticed (if am right) that on Dachstein, I have to configure which IP is my external IP (single IP) for portfw while and which internal IP & Port to forward services to (yet I need two ext IPs and Int IPs). I also noticed that I specify which is my Int LAN IPs for NAT (again I only noticed 1 network range space when I need two). **Am assuming I will be using portfw to forward smtp & http for the two domains to their respective mail and webservers.
These were the reasons coupled with the fact that I had tried multihoming on either interface e0 and e1 without success. Any suggestions with examples based on my initial setup below would be highly appreciated. Nyawallow ----- Original Message ----- From: "Steve Wright" <[EMAIL PROTECTED]> To: "Nyawallow James" <[EMAIL PROTECTED]> Sent: Sunday, June 29, 2003 11:50 PM Subject: Re: [leaf-user] separate mail routing on two LANs on shared ISP Link > Nyawallow James wrote: > > >I have the setup below which I would like to use leaf for 'firewalling' the > >two LANs while enabling smtp/pop3 and http for both LANs separately! my > >questions are: a.Is this possible using leaf? > >b.Do I need to change the setup below? say two external nics and two > >internal nics? or two external nics and one internal nic (multihomed?) > > > > a. This is Linux - anything is possible. > > b. It depends on the requirements of your networks. There is no > requirement for subnets to have their own ethernet card. You may attach > any number of addressing schemes to any ethernet card. > > >**Initially LAN #1 Mail server had the public IP 64.86.235.161 and LAN# Mail > >Server had the IP 64.86.235.162 for the purposes of routing mails and > >webservice (each lan hosts is independent but share premises!) > > > > You could leave them that way, and simply route with the leaf box, but I > think you will need to add instructions on the upstream router to route > these hosts via the leaf external interface. > > You might add both these external addresses to the external interface of > leaf, and then directly translate only these two addresses to the > private addresses that match the appropriate Server - the internal > servers will 'look' like they are directly on the Internet then. Then > MASQ or proxy your internal http clients to the 'Net. > > >Problems: > >1: I have implemented the above soln but on one LAN but, I would want to > >implement it for the second LAN therefore the second card. I am however > >stuck as I do not know how to configure e0 to respond to requests for LAN1 > >Public IP separate from similar requests for LAN2 Public IP (assuming I am > >multihoming both public IPs on e0) > >Please let me know which LAEF version can do this and the config necessary. > > > > You haven't said how you did it. Maybe it is not possible now to > implement a second internal server - I cannot tell you. > All LEAF versions will do this. Use the latest version for the best > functionality. > > Tell us how you have implemented your first solution. Perhaps it is > readily adpatable to add a second internal host, since you understand it > well already. > > > regards, > Steve > > > >**ALL interfaces have static IPs > > > >Link from/to Isp to Router > > | > > ------ > > |Router| > > ------ > > ^ > > | > > |Cross-over cable to/from LEAF Box > > | > > |e0(64.86.235.160/29) > > | Shared Link (64.86.235.161--LAN1 & 162--LAN2) > > --------- > >|Leaf Box | > > --------- > > | | > > | | > > | |e2 (10.0.0.1) > > | | LAN #2 (10.0.0.0/24) > > | |__> Mail server (10.0.0.2) > > | > > |e1(192.168.0.1) > > | LAN #1 (192.168.0.0/24) > > |__>Mail server (192.168.0.2) > > > > > ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
