I have a Linux firewall/router machine connecting the LAN to the internet with two interfaces (no load balancing or other connections). One is a fast connection with a dynamic IP (ADSL), which is the default route; the other is a static IP (T3) connection (used for the mail server and other services available from the www).
Additionally, I want to give workers outside the office access to our intranet (located in the LAN), using a port on the static firewall IP, which will be redirected (DNAT) by an iptables prerouting rule and allowed to be forwarded to the LAN intranet server port.
The scenario is working when the T3 connection is the default gateway in the main routing table. It is not working when I switch the default gateway to the ADSL connection.
The incoming packets are trackable with tcpdump, and the DNAT redirect in the prerouting table is working (notification in syslog by iptables). Missing are the packets on the interface to the LAN, and the forwarding notification by iptables is also missing. So I think this is a routing problem.
I hope someone can help or give me clues on what to check.
Thank you,
Oliver
Here is some information on the network topology and snippets from the routing/firewall script:
Both tables, T3 and ADSL, are mostly the same, except for the default route, which is set to the T3 or ADSL interface accordingly.
The main table contains all routing information, as the T3 and ADSL tables do, but also contains ip rules to use specific tables for incoming traffic on the T3 or ADSL interface.
The T3 interface is connected with a static IP router to the provider's network (and internet). The ADSL interface is connected via a common DSL modem/router.
The issue is not solved yet.
Based on a discussion on another forum, I tried policy routing on the incoming interface without success. Next I will try packet marking and policy routing.
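
The packet marking and policy routing approach mentioned above, as an added example that is not part of the original post: it prints a connection-mark rule set so that replies to connections that entered on the T3 interface leave through the T3 table, and it sets a loose reverse-path check on that one interface. The interface names `eth1` and `eth0`, the mark `0x1`, the rule priority, and the idea that strict `rp_filter` is what drops the packets before forwarding are assumptions; only the table name `T3` comes from the post.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed names: eth1 = T3 uplink,
# eth0 = LAN, mark 0x1. "T3" is the routing table the post describes (its
# default route points at the T3 router); it must exist in rt_tables.
T3_IF="${T3_IF:-eth1}"
LAN_IF="${LAN_IF:-eth0}"
MARK="${MARK:-0x1}"
T3_TABLE="${T3_TABLE:-T3}"

# Reject anything that is not a plain interface/table name or a number,
# so the generated lines are safe to hand to a root shell.
valid_args() {
    case "$T3_IF$LAN_IF$T3_TABLE" in *[!A-Za-z0-9._-]*) return 1 ;; esac
    case "$MARK" in
        0x|0x*[!0-9a-fA-F]*) return 1 ;;
        0x*) ;;
        ''|*[!0-9]*) return 1 ;;
    esac
}

# Print the rule set; this function changes nothing on the system.
t3_return_rules() {
    valid_args || { echo "invalid interface, table or mark" >&2; return 1; }
    # 1. Remember, per connection, that it entered through the T3 interface.
    echo "iptables -t mangle -A PREROUTING -i $T3_IF -m conntrack --ctstate NEW -j CONNMARK --set-mark $MARK"
    # 2. Copy that mark onto replies arriving from the LAN server; mangle
    #    PREROUTING runs before the routing decision.
    echo "iptables -t mangle -A PREROUTING -i $LAN_IF -j CONNMARK --restore-mark"
    # 3. Route marked packets with the T3 table instead of main (ADSL default).
    echo "ip rule add fwmark $MARK lookup $T3_TABLE priority 100"
    # 4. Loose reverse-path check on the T3 interface only: strict mode (1)
    #    drops packets whose source would be reached via another interface.
    #    The kernel uses the higher of conf.all and the per-interface value.
    echo "sysctl -w net.ipv4.conf.$T3_IF.rp_filter=2"
}

t3_return_rules
```

Review the printed lines, then run them as root; `ip rule show` and `iptables -t mangle -L PREROUTING -v -n` show whether the rule is present and whether the mark counters increase when an outside client connects.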