On Monday 26 February 2007 18:43, Korey O'Dell wrote: > Folks, > Ive got two ISP connections that I am using with: > --- > ip route add 192.168.200.0/24 dev eth2 src 192.168.200.11 table connection1 > ip route add default via 192.168.200.1 table connection1 > > ip route add x.175.244.0/24 dev eth1 src x.175.244.2 table connection2 > ip route add default via x.175.244.1 table connection2 > > ip rule add from 192.168.200.11 table connection1 > ip rule add from x.175.244.2 table connection2 > > echo "Enabling load balancing between ISP connections..." > ip route add default scope global nexthop via 192.168.200.1 dev eth2 > weight 1 nexthop via x.175.244.1 dev eth1 weight 1 > > iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to x.175.244.2 > iptables -t nat -A POSTROUTING -o eth2 -j SNAT --to 192.168.200.11 > > --- > > > The 192.168.200.x (lan) network gets to the internet via another gateway > (192.168.200.1). > Client machines on the 200.x network work ok except for ssh connections > to machines on the internet hanging. It asks for a password and hangs. > Any ideas? Thanks Korey
Yes your hit a big FAQ, read this[1][2] thread (from this same week). There are two alternatives full solutions explained to that problem, both uses netfilter CONNMARK. [1]http://mailman.ds9a.nl/pipermail/lartc/2007q1/020354.html [2]http://mailman.ds9a.nl/pipermail/lartc/2007q1/020360.html -- Luciano _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
