There seem to be lots of questions about multihomed firewalls/routers. I am in a similar situation: I have 2 ISPs and need to provide services over both.

I managed to forward traffic to e.g. a web server in the DMZ zone. The main problem I encounter is that the response always goes out via the DEFAULT gateway on the router. (In my case one ISP doesn't like it and drops the response.) I was under the impression that Netfilter's connection tracking keeps "track" of which interface the traffic came in on, and I anticipated it would go out the same route it came from. What am I missing here? What does it take to make it happen? Do I just need additional rules for Netfilter? Would something like "ip_conntrack_isp" work out? I understand such a module would need to be developed. The question that arises is: is that the way to go?

mattes
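Added example, not from the original post: conntrack only records the connection's address tuple, not the ingress interface, so the routing table still picks the default gateway for replies. The usual fix is to mark new connections arriving on the second uplink, store the mark in the conntrack entry (CONNMARK), restore it on the reply packets, and route marked packets through a separate table whose default route points at that ISP. Interface names (eth2 for the ISP2 uplink), the gateway 198.51.100.1, mark 0x2 and table 200 are assumed placeholders.

```shell
#!/bin/sh
# Policy routing so replies leave via the ISP the connection came in on.
# Assumed values (replace for your setup): ISP2 uplink eth2, placeholder
# next hop 198.51.100.1, fwmark 0x2, routing table 200. ISP1 stays in "main".
ISP2_IF="${ISP2_IF:-eth2}"
ISP2_GW="${ISP2_GW:-198.51.100.1}"   # placeholder, not a real gateway
MARK=0x2
TABLE=200

# Print the commands rather than running them, so they can be reviewed first.
gen_policy_routing() {
    cat <<EOF
ip route add default via $ISP2_GW dev $ISP2_IF table $TABLE
ip rule add fwmark $MARK table $TABLE
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
iptables -t mangle -A PREROUTING -m mark ! --mark 0 -j ACCEPT
iptables -t mangle -A PREROUTING -i $ISP2_IF -m conntrack --ctstate NEW -j MARK --set-mark $MARK
iptables -t mangle -A PREROUTING -i $ISP2_IF -m conntrack --ctstate NEW -j CONNMARK --save-mark
iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
sysctl -w net.ipv4.conf.$ISP2_IF.rp_filter=2
EOF
}

# Flow: a new connection entering on eth2 is marked and the mark is saved in
# its conntrack entry. Replies from the DMZ host (any interface) hit the
# restore-mark rule, get 0x2 back, and "ip rule" sends them to table 200.
# The OUTPUT rule covers services answered by the router itself. rp_filter=2
# (loose) stops the reverse-path check from discarding ISP2 packets whose
# source would normally route out via ISP1.
apply_policy_routing() {
    gen_policy_routing | sh -e
}

if [ "${1:-}" = apply ]; then
    apply_policy_routing
fi
```

Run with `apply` as root to install the rules; without it the script only defines the functions, and `gen_policy_routing` shows what would be executed.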
