:
:
:: Mike Lander wrote:
:: <snip>
:: > : > Currently the network is using routeback and static routes
:: > : > to route specific traffic to the natted ISP gateway. The only
: solution I
:: > : > could
:: > : > think of was, I asked the ISP if they could change the currently
:: > : > natted gateway (lan ip on internal) to a different Class 3 IP such
: as
:: > : > 10.15.75.1
:: > : > then I could configure my second ISP to the same network
:: > : > 10.15.75.2 and track and balance the routes.
:: > : > Now would there be a better way to do this and leave the
:: > : > Natted ISP with the same IP as the lan (loc) if ??
:: > :
:: > : I'd really need to see the routing tables and route rules from a
:: > : shorewall dump to have a better understanding of your layout. Having
:: > : said that, when you use the providers file, there will be a host
route
:: > : to that isp's gateway created in that isp's routing table, which
: should
:: > : override any network route using that address space. In short it
: should
:: > : work without changing any addressing, I have that running now:
::
:: Mike:
::
:: Sorry for leaving you hanging... I got "that phone call" from the
:: hospital about my Dad. I'm just changing, showering and returning to be
:: with him in his final hours.
::
:: Sorry,
::
:: Jerry
:
: Thanks Jerry,
: That's ok, as it turns out I did some homework on this network,
: the internal admin had me believing that both these T-1's are
: at the same physical d-mark. (one T1 in building 1 the other in building
2)
: The T-1 in building 2 is the natted T-1. So both buildings are connected
to
: each other by fiber on the lan network (10.5.198.0/24) on the same switch
: if you look at the dumps I gave you there is a static route that goes to
: the natted T-1.
: Rethinking that Tom warns of putting wan and lan on the same switch.
: I think shorewall has arp_ignore and all that but I think it would be an
: arp nightmare to try to run the 2nd building through that fiber to the
first
: building to the third nic in building 1 and use the canned multi-setup
load
: balancing.
:
: Since I cant plug in the 2nd building to my third nic (box has three
: nics two are for isp
: one for lan no dmz's) Now I am thinking to remove the 3rd nic and using
: something
: as you are suggesting. Really all these folks want is to balance the
: internet load
: to both T-1's. (web browsing). Maybe I could just make the new box pretty
: much the same as the old box with two nic's and use your suggestions.
: The new box will be running squid and squidguard as well.
: Any idea's?
:
: Thanks
: Mike
:
Jerry,
I got interuppted when I started to read this and replied without fully
reading your post sorry the reply seemed insenitive. Sorry to hear
about your Dad.
Mike
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
