Anyone out there played much with advanced routing with Bering + Shorewall?
I'm looking at adding an additional internet connection (consumer-class cable-modem service) to get enough bandwidth to create a full mirror of Debian (and keep it in sync) so I can sell CD/DVD images.
Anyway, I've already got a pretty complex setup (proxy-arping a /26 IP range across 3 NICs, with two additional internal private-IP networks). On top of this currently working setup, I'm wanting to route traffic from a single system out the cable-modem, with everything else continuing to go out the SDSL.
If anyone has implemented anything remotely similar to this, I'd appreciate any pointers.
Since I doubt this is a common setup :), I'll throw out a few key questions someone might be able to help with:
- How does the masquerading code determine the source IP of the masqueraded packets?
- How do the advanced routing rules interact with the firewall rules (i.e., order in which iptables rules are processed vs. advanced routing rules and routing table selection)?
I think the (somewhat) easy way to do this is to add another NIC to my firewall and route everything from that interface out the cable-modem, and the (really) easy way to do this is to just build another firewall, but I'd really like to have the new mirror system on my internal LAN if possible.
Thanks in advance for any help or pointers.
-- Charles Steinkuehler [EMAIL PROTECTED]
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html