I am attempting to set up a Multi-ISP configuration of Shorewall where one of
the interfaces is a ppp interface that will not connect to its ISP until after
Shorewall has started. I had to set the interface as optional in
/etc/shorewall/interfaces in order for Shorewall to start. After Shorewall has
started, I can run "ping -I eth2 <GoogleIPaddress>" fine. When I then bring the
ppp0 interface up, I can no longer ping out the eth2 or ppp0 interface
("Destination host unreachable error"). There seems to be a default route
through the eth2 interface, but not the ppp0 interface. Is there a way to
configure Shorewall to add the default route to the ppp0 interface when it comes
up? Why can I no longer ping out eth2 once the ppp0 interface comes up? I
currently have everything set to ACCEPT in /etc/shorewall/policy.
tcors02:/etc/shorewall# more interfaces
#ZONE INTERFACE BROADCAST OPTIONS
net eth2 - dhcp
net ppp0 - tcpflags,nosmurfs,optional
net eth3 - dhcp
loc eth0 -
loc eth1 - dhcp
tcors02:/etc/shorewall# more providers
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY
lan 1 0x100 main eth2 129.116.XXX.254 track,balance
eth0,eth1
cell 2 0x200 main ppp0 - track,balance eth0,eth1
bgan 3 0x300 main eth3 192.168.128.100 track,balance
eth0,eth1
tcors02:/etc/shorewall# ifconfig ppp0
ppp0 Link encap:Point-to-Point Protocol
inet addr:166.183.155.49 P-t-P:192.168.111.111 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:64 (64.0 B) TX bytes:97 (97.0 B)
tcors02:/etc/shorewall# ifconfig eth2
eth2 Link encap:Ethernet HWaddr 00:d0:69:45:19:95
inet addr:129.116.XXX.XX Bcast:129.116.XXX.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5958 errors:0 dropped:0 overruns:0 frame:0
TX packets:104 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:442658 (432.2 KiB) TX bytes:18103 (17.6 KiB)
Interrupt:40 Base address:0x240
tcors02:/etc/shorewall# ip route
255.255.255.255 dev eth1 scope link
192.168.111.111 dev ppp0 proto kernel scope link src 166.183.155.49
192.168.128.0/24 dev eth3 proto kernel scope link src 192.168.128.101
129.116.XXX.0/24 dev eth2 proto kernel scope link src 129.116.XXX.XX
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.1
default
nexthop via 129.116.XXX.254 dev eth2 weight 1
nexthop via 192.168.128.100 dev eth3 weight 1
Thank you for any help that you can provide.
Don
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
