Hello!
 
I need your support to define an appropriate configuration for the network architecture I have documented in the attachment.
 
There are some things that make this network architecture "special":
1. 2 default gateways according to this howto https://www.thomas-krenn.com/en/wiki/Two_Default_Gateways_on_One_System
2. Routed configuration on Proxmox VE server according to this howto https://pve.proxmox.com/wiki/Network_Model#Routed_Configuration
3. Masquerading (NAT) on 2 NICS according to this howto https://pve.proxmox.com/wiki/Network_Model#Masquerading_.28NAT.29
 
The definition of 2 default gateways ensures that any traffic on LAN 192.168.178.0/24 will communicate via gateway 192.168.178.1, and any other traffic on LAN 10.0.0.0/24 and DMZ 10.1.0.0/24 will communicate via gateway 10.0.0.1 and 10.1.0.1 respectively.
 
This configuration is working based on the howto guides w/o firewall.
The challenge is to add firewall functionality, but I don't know if I need to revert back the modifications in/etc/network/interfaces or /etc/iproute2/rt_tables.
 
The main question is:
Who can support with the configuration of shorewall?
How should /etc/shorewall/interfaces be defined?
How many zones should be in /etc/shorewall/zones?
Do I need to define multiple providers in /etc/shorewall/provides to enable 2 default gateways?
 
 
THX

Attachment: network.pdf
Description: Adobe PDF document

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to