: Mike Lander wrote:
: <snip>
: > : > Currently the network is using routeback and static routes
: > : > to route specific traffic to the natted ISP gateway. The only
solution I
: > : > could
: > : > think of was, I asked the ISP if they could change the currently
: > : > natted gateway (lan ip on internal) to a different Class 3 IP such
as
: > : > 10.15.75.1
: > : > then I could configure my second ISP to the same network
: > : > 10.15.75.2 and track and balance the routes.
: > : > Now would there be a better way to do this and leave the
: > : > Natted ISP with the same IP as the lan (loc) if ??
: > :
: > : I'd really need to see the routing tables and route rules from a
: > : shorewall dump to have a better understanding of your layout. Having
: > : said that, when you use the providers file, there will be a host route
: > : to that isp's gateway created in that isp's routing table, which
should
: > : override any network route using that address space. In short it
should
: > : work without changing any addressing, I have that running now:
:
: Mike:
:
: Sorry for leaving you hanging... I got "that phone call" from the
: hospital about my Dad. I'm just changing, showering and returning to be
: with him in his final hours.
:
: Sorry,
:
: Jerry
Thanks Jerry,
That's ok, as it turns out I did some homework on this network,
the internal admin had me believing that both these T-1's are
at the same physical d-mark. (one T1 in building 1 the other in building 2)
The T-1 in building 2 is the natted T-1. So both buildings are connected to
each other by fiber on the lan network (10.5.198.0/24) on the same switch
if you look at the dumps I gave you there is a static route that goes to
the natted T-1.
Rethinking that Tom warns of putting wan and lan on the same switch.
I think shorewall has arp_ignore and all that but I think it would be an
arp nightmare to try to run the 2nd building through that fiber to the first
building to the third nic in building 1 and use the canned multi-setup load
balancing.
Since I cant plug in the 2nd building to my third nic (box has three
nics two are for isp
one for lan no dmz's) Now I am thinking to remove the 3rd nic and using
something
as you are suggesting. Really all these folks want is to balance the
internet load
to both T-1's. (web browsing). Maybe I could just make the new box pretty
much the same as the old box with two nic's and use your suggestions.
The new box will be running squid and squidguard as well.
Any idea's?
Thanks
Mike
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
