Now you've done it Rion. Do you have experience with Vyatta? I am having an issue with multiple IP's bound to a single interface and port based nat/routing within Vyatta -- and haven't sat down to try and figure them out. Basically I have 5 IP's bound to the adapter, and I can bind 1.1.1.1:80 to 192.168.1.1:80, but if I bind 1.1.1.2:80 to 192.168.1.2:80, it appears to still route to 1.1.1.1:80.. almost as if Vyatta can't actually do a destination based (IP+PORT) route, but rather interface+port.
Stan On Mon, Aug 17, 2009 at 1:42 PM, Rion D'Luz <[email protected]> wrote: > On Monday 17 August 2009, Nick Floersch wrote: > > > While the $300 router might solve the problem, and looks nice, it is sort > of a black-box. If it doesn't do what you need, or behaves oddly, you'd have > to hack it to get inside and figure out what is going on, probably voiding > warranty, and ending up with a firewall setup where far less paid and free > support is available. We have been wary of this. > For about 2x the price you can go with a linux-based Vyatta router, which, > i on a quick google search indicates it handles LB nicely: > > Aug 13, 2008 ... Vyatta offers hardware and open source software for ... > MLPPP and ECMP for load balancing; priority and classful queuing for QOS; > ... > linux.com/feature/143998 > > Vyatta Routing Basics, Vyatta Firewall and NAT, Vyatta VPN Intro, Vyatta > Intrusion Prevention, Vyatta WAN Load Balancing. SUPPORTING DOCUMENTS. > DATASHEETS: ... > www.vyatta.com/products/online_demos.php > > > features in Community Edition 3 (VC3) include IPSec VPN, multilink PPP, > and BGP scaling and security, the vendor says. > quoteth: > http://linuxdevices.com/news/NS5500382710.html > Despite the high geek factor of Debian, VC3 is easy to use, Roberts said, > especially for network operators accustomed to IOS, tftp, and so on. "We > want to build open source networking software and hardware systems that a > normal Cisco/Juniper-trained network manager could sit down at and be very > comfortable with. You don't have to know anything about LInux system > administration if you don't want to. It's a benefit, not a requirement," he > said. > > VC3 can be run from a live CD, or installed to hard disk or flash memory. > "We're essentially a stripped-down version of Debian, with network-specific > stuff, and the kernel is custom," Roberts noted. > > The biggest new feature appears to be support for multilink PPP. This > feature enables companies to aggregate multiple smaller leased lines, > typically T1s, instead of springing for a T3. Most ISPs support multilink > connections, he said. Alternatively, Vyatta routers at either end of a > leased line could enable enterprises to create a dedicated network pipe -- > for example to India, he suggested. > > > > > > Pick your poison, I 'spose. > > > > -Nick > > > > > > -- > 3010 Rte 109 > Waterville, VT 05492 > email: rion_at_dluz.com > web: http://dluz.com/Rion/ > AIM/Jabber/Google: riondluz > Phone: 802.644.2255 > http://www.linkedin.com/pub/6/126/769 > > > L I N U X .~. > Choice /V\ > of a GNU /( )\ > Generation ^^-^^ > POSIX > RULES >
