Mike Lander wrote: > Yes this accurately reflects the network topology? > However I been testing squid through this now and > the brower pauses an balks at times. So I tried > 10.194.79.181 in tcp outgoing in squid.conf > and browsing was fine. When I changed tcp > outgoing to 66.224.62.120, the trouble started > again. You would of thought I would have been > the lan gateway causing trouble. any ideas?
Wireshark is your friend. > > PS back up a litte about masq. I am trying > to understand the masq stuff for multi-isp > In my main firewall my masq is as follows > eth0 $ETH2_IP 66.224.62.118 > eth2 66.224.62.118 $ETH2_IP > eth0 eth1 66.224.62.118 > eth2 eth1 $ETH2_IP This is different from what you posted earlier. This is a sensible configuration that masquerades traffic from a local network (eth1) to either of two ISPs (eth0 and eth2). You posted this which I called 'silly': > : eth0 10.194.79.181 66.224.62.120 > : eth1 66.224.62.120 10.194.79.181 > : eth0 eth1 66.224.62.120 > : eth1 eth0 10.194.79.181 See the difference? -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
