Hi,
I'm trying to set up a multi ISP configuration.
I can make it work without shorewall, except for incoming connections :
i want to be able to connect to any oof the internet interfaces from
outside, I can not with ports forwarded on the local network : I am not
always receiving an answer
I just want the same result as a multiWAN router that does load balancing.
I discovered shorewall and the "MultiISP" configuration that seemed to
answer my problem.
I did set all files but the providers one, everything works then.
But when I fill the providers file, nothing works anymore : outgoing
connections are no more working, neither does incoming ones.
Please help.
Here are the commands you request
(just so you know : eth0,eth1,eth2 are internet connections and eth4 is
the only used local one) :
#/sbin/shorewall version
4.0.13
#ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
qlen 100
link/ether 00:15:17:7a:6a:bc brd ff:ff:ff:ff:ff:ff
inet 88.162.31.82/24 brd 88.162.31.255 scope global eth0
inet6 fe80::215:17ff:fe7a:6abc/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
qlen 100
link/ether 00:15:17:7a:6a:bd brd ff:ff:ff:ff:ff:ff
inet 83.142.149.102/30 brd 83.142.149.103 scope global eth1
inet6 fe80::215:17ff:fe7a:6abd/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
qlen 1000
link/ether 00:15:17:7a:6a:50 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.1/24 brd 192.168.2.255 scope global eth2
inet6 fe80::215:17ff:fe7a:6a50/64 scope link
valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether 00:15:17:7a:6a:51 brd ff:ff:ff:ff:ff:ff
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
qlen 1000
link/ether 00:1e:4f:3e:29:8e brd ff:ff:ff:ff:ff:ff
inet 192.168.1.200/24 brd 192.168.1.255 scope global eth4
inet6 fe80::21e:4fff:fe3e:298e/64 scope link
valid_lft forever preferred_lft forever
7: eth5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether 00:1e:4f:3e:29:8f brd ff:ff:ff:ff:ff:ff
8: teql0: <NOARP> mtu 1500 qdisc noop qlen 100
link/void
#ip route show
83.142.149.100/30 dev eth1 proto kernel scope link src 83.142.149.102
88.162.31.0/24 dev eth0 proto kernel scope link src 88.162.31.82
192.168.2.0/24 dev eth2 proto kernel scope link src 192.168.2.1
192.168.1.0/24 dev eth4 proto kernel scope link src 192.168.1.200
default
nexthop via 88.162.31.254 dev eth0 weight 1
nexthop via 83.142.149.101 dev eth1 weight 1
nexthop via 192.168.2.200 dev eth2 weight 1
And here is my providers file :
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY
OPTIONS COPY
ISP1 200 1 main eth0 88.162.31.254
track,balance eth4
ISP2 201 2 main eth1 83.142.149.101
track,balance eth4
ISP3 202 3 main eth2 192.168.2.200
track,balance eth4
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
Thank you for your help
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
