No, not on the server configuration. The server won't care if there is one ISP or two as long as both subnets have separate gateways. In face my system started out this way with DSL for the office users and cable for the public users. Eventually the system was collapsed to one service, cable, and I just applied the DSL internal gateway address to my secondary port on the firewall (of course there was more configuration to the firewall to make this work but the server and the clients on the former DSL subnet required no configuration changes).
Just out of curiosity, do you have dynamic DNS on both ISP services or do you have static addresses? If you have static addresses do both have different host names and domains? Greg On 8/8/06, Brian Henning <[EMAIL PROTECTED]> wrote:
Greg, Sounds promising, but to answer your first question: No. Two separate firewalls, two separate internet connections, two separate ISPs, even two separate delivery technologies (DSL and cable). So there are two (very) separate public IPs. Does that change anything? ~Brian Greg Brown wrote: > Brian: > > You should have a default gateway for each nic, not just one for the entire > machine. I assume there is a dual port fireall with 1.1 and 10.1 and a > single Internet connection? > > I have the same kind of configuration at one of my beach networks. It > looks > like this. We'll call my machine bill: > > Internet -> Firewall -> 192.168.15.0/24 (15.1 is the router port) -> > 192.168.15.50 (eth1) > -> 192.168.17.0/24 (17.1 is the router port) -> > 192.168.17.50 (eth0) > > > No routing on server "bill" takes place. It simply has two cards each with > thier own settings in /etc/network/interfaces. For the record, squid, ssh > and www resides on 15.50 while a couple other services reside on 17.50 . My > firewall forwards services to one port or the other depending on the > service > (i.e. it knows to forward ssh, web, and so forth to 15.50, etc) > > The following is my /etc/network/interfaces: > > # The loopback network interface > auto lo > iface lo inet loopback > > # The primary network interface > auto eth0 > iface eth0 inet static > address 192.168.17.50 > netmask 255.255.255.0 > up flush-mail > gateway 192.168.17.1 > > auto eth1 > iface eth1 inet static > address 192.168.15.50 > netmask 255.255.255.0 > up flush-mail > gateway 192.168.15.1 > > I think I could do without the "up flush-mail" the system seems to be > working. > > Hope this helps. > > Greg > > On 8/8/06, Brian Henning <[EMAIL PROTECTED]> wrote: >> >> Hi Gang, >> I know y'all are probably tired of hearing me ask about this stuff, >> but for some reason it's just one thing I'm having a heck of a time >> really grasping. I think it's because I'm missing some fundamental >> understanding, some important piece of info, which is leaving the rest >> of it shaky. Anyway: >> >> I have a machine (let's call it "bob") with two NICs, on two subnets, >> for argument's sake 192.168.1.0/24 and 192.168.10.0/24. eth0 is on >> .1.0, eth1 is on .10.0. Both subnets have their own gateways, located >> at .1.1 and .10.1. >> >> Because of certain important services that come in through the gateway >> on the .1.0 subnet (such as SMTP, httpd, ssh, etc.), I need bob's >> default gateway to be .1.1. However, I really really really want to run >> OpenVPN on bob and have it move traffic solely in and out through the >> .10.1 gateway. That service on that machine never needs to move a >> single packet out of the default gateway. >> >> I know that that's impossible without some sort of fiddling; even if UDP >> packets come in to OpenVPN via the correct gateway (.10), the responses >> are routed out through the .1 gateway and dropped somewhere along the >> way (or ignored, if they make it all the way back to the client). >> >> I figure it must be doable, though, right? I shouldn't have to have a >> separate box to provide the exact same services through two different >> gateways, should I? So what's the magic incantation? route tricks? >> iptables tricks? Clever misuse of load-balancing software? I'm open to >> all suggestions. >> >> Thanks! >> >> Cheers, >> ~Brian >> >> >> -- >> ---------------- >> Brian A. Henning >> strutmasters.com >> 336.597.2397x238 >> ---------------- >> -- >> TriLUG mailing list : >> http://www.trilug.org/mailman/listinfo/trilug >> TriLUG Organizational FAQ : http://trilug.org/faq/ >> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ >> -- ---------------- Brian A. Henning strutmasters.com 336.597.2397x238 ---------------- -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
