On July 27, 2003 09:10 am, Haim Ashkenazi wrote:
> I'm trying to combine 2 linux firewalls/routers together. The final host
> should have the following ports:
>
> 1. eth0 - 256kbps frame relay.
> 2. ppp0 (via eth1) - pppoe adsl with dhcp.
> 3. eth2-3 - 2 DMZ's.
> 4. eth4 - localnet.
>
> The default route is ppp0.
>
> Here's the problem: If I connect to the firewall from the internet
> through eth0 (or even connect to the dmz through the firewall's eth0)
> wouldn't it try to respond through ppp0 (the default gateway) which will
> make the connection impossible?

Yes, you need to install some advanced routing rules. Read the advanced
routing howto (http://www.lartc.org/), you'll need something roughly like
this:

# All of my networks
localnet='172.16.0.0/24'
dmz_a='172.17.0.0/24'
dmz_b='172.17.0.0/24'
frame='216.1.2.0/28'

# Set default route for frame relay network
ip route add default via 216.1.2.1 table 10 # (table 10 arbitrary choice)

pri=100
# ensure that traffic to local IPs is handled by default routing table
for net in $localnet $dmz_a $dmz_b $frame; do
    ip rule add to $net lookup main pri $pri
done

pri=200
# Make sure that traffic coming from frame IPs gets routed to frame gateway
ip rule add from $frame lookup 10 pri $pri

# Flush route cache to make changes immediate
ip route flush cache

That should handle everything correctly. Have your pppoe software install a
default route when it brings up the connection and you shouldn't have to
worry about any special routing for it.

-- 
Fraser Campbell <[EMAIL PROTECTED]>                 http://www.wehave.net/
Halton Hills, Ontario, Canada                       Debian GNU/Linux
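
Added example, not part of the original message: a small Python model of how the kernel walks the rules above, showing which path a reply takes with and without them. The firewall's frame address 216.1.2.2, the client 198.51.100.7, the connected routes in "main" and the helper names are assumptions made for illustration.

```python
import ipaddress as ipa

FRAME = "216.1.2.0/28"
LOCAL_NETS = ["172.16.0.0/24", "172.17.0.0/24", FRAME]  # localnet, DMZ, frame (from the mail)

# Routing tables as (prefix, next hop). Device names follow the question's port
# list; the connected routes in "main" are assumed, the mail does not show them.
TABLES = {
    "main": [("172.16.0.0/24", "dev eth4"), ("172.17.0.0/24", "dev eth2"),
             (FRAME, "dev eth0"), ("0.0.0.0/0", "dev ppp0")],
    "10": [("0.0.0.0/0", "via 216.1.2.1")],
}

def build_rules(with_policy=True):
    """Return (priority, selector, prefix, table) tuples, sorted like `ip rule` output."""
    rules = [(32766, "from", "0.0.0.0/0", "main")]  # the kernel's built-in main rule
    if with_policy:
        rules += [(100, "to", net, "main") for net in LOCAL_NETS]
        rules.append((200, "from", FRAME, "10"))
    return sorted(rules)

def lookup(table, dst):
    """Longest-prefix match inside one table; None when no route covers dst."""
    hits = [(ipa.ip_network(p).prefixlen, hop) for p, hop in TABLES[table]
            if ipa.ip_address(dst) in ipa.ip_network(p)]
    return max(hits)[1] if hits else None

def route(src, dst, rules):
    """Walk rules by ascending priority; the first matching rule whose table has a route wins."""
    for _prio, selector, prefix, table in rules:
        addr = src if selector == "from" else dst
        if ipa.ip_address(addr) in ipa.ip_network(prefix):
            hop = lookup(table, dst)
            if hop is not None:
                return hop
    return None

if __name__ == "__main__":
    fw, client = "216.1.2.2", "198.51.100.7"  # constructed sample addresses
    print("reply without policy rules:", route(fw, client, build_rules(False)))
    print("reply with policy rules:   ", route(fw, client, build_rules()))
    print("frame IP to localnet host: ", route(fw, "172.16.0.5", build_rules()))
```

On the real host, `ip rule show` and `ip route get 198.51.100.7 from 216.1.2.2` (with the firewall's actual frame address) confirm the same decision.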