Hi Mohan,<br><br>Thanks a lot for your reply. I haven't tried it yet, but I have no doubts it will work.<br><br>However, if you have time, could you please explain to me why a request received from IP1 by host H1, having as default route IP2, can not be routed through IP1; I have a routing table saying that the route to IP1 is through the proper eth card.
<br>I have used tcpdump to check the packets coming/in/out from the systems and it seems that there is a packet going from ADSL1 to H1, but nothing on the other way... it seems like H1 doesn't know what to do with it.
<br><br>Could you please explain (or point me to URLs explaining that) why it will change if I set the modems to bridge mode? I still want to do NAT, will it change if I do it from the Linux router now?<br><br>I also do not understand what you imply with
<br>"3. Source NAT rules use ISP1_IP and routing rule redirects it to link<br>connected to ISP2. Flip similarly for ISP1."<br>Could you be a bit more descriptive?<br><br>Forgive me for being a bit ignorant of all that; possibly I'm trying to understand too much without basic technical background on routing, etc.
<br>.<br>One more time, thanks a lot for your help.<br>Regards,<br>Kostas<br><br><div><span class="gmail_quote">On 10/12/07, <b class="gmail_sendername">Mohan Sundaram</b> <<a href="mailto:mohan.tux@gmail.com">mohan.tux@gmail.com
</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Kostas Flokos wrote:<br>> Hi all,<br>> I have managed to setup a Fedora 7 box with 3 ethernet cards and two
<br>> ADSL modem/routers from different suppliers as LARTC recommends. I am<br>> able to direct traffic for specific internal IPs either to one or the<br>> other ADSL line. However, I am faced with two problems I am struggling
<br>> for the solution:<br>><br>> 1. I have opened a few ports on the ADSL router/firewalls to talk to<br>> internal hosts; say when someone hits <a href="http://myADSL1_IP">http://myADSL1_IP</a> I would redirect
<br>> him to 192.168.0.10; while if someone hits<br>> <a href="http://myADSL2_IP">http://myADSL2_IP</a> I would redirect him to 192.168.0.20.<br>This is your ADSL router(s) config.<br>> If I have rules such as the following all works well:<br>
> ip rule add from 192.168.0.10 table ADSL1_rules<br>> ip rule add from 192.168.0.20 table ADSL2_rules<br>These are rules on your linux machine to send traffic back on the same<br>link they came from.<br>> Unfortunately, if I want to do the reverse it does not work. I can't
<br>> have a host prefer one ADSL line, but still receive traffic from the<br>> other ADSL line.<br>This can be done by switching the rule table above. Obviously NAT is<br>being used. However, this will break. You cannot initiate a connection
<br>to one IP and match the reply or ack for that connection from another<br>IP. TCP/IP basics. Asymmetric routing works when no address translations<br>take place.<br>> It may sound weird, but I only want to have one host
<br>> reply to any of the two IPs, either from ISP1 or ISP2. With the current<br>> configuration I can't. It works ok for the default ISP of the host, but<br>> can't make it work for the other.<br>One way of doing this would be:
<br>1. Set the routers to bridge mode.<br>2. Assign the ISP IPs to the NICs.<br>3. Source NAT rules use ISP1_IP and routing rule redirects it to link<br>connected to ISP2. Flip similarly for ISP1.<br><br>Let us hope your ISP2 does not filter out traffic having source outside
<br>his subnet when it arrives from within.<br><br>Mohan<br>_______________________________________________<br>LARTC mailing list<br><a href="mailto:LARTC@mailman.ds9a.nl">LARTC@mailman.ds9a.nl</a><br><a href="http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc">
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc</a><br></blockquote></div><br><br clear="all"><br>-- <br>bus-email: <a href="mailto:kflokos@upcom.eu">kflokos@upcom.eu</a><br>priv-email: <a href="mailto:kflokos@gmail.com">
kflokos@gmail.com</a><br>web: <a href="http://www.upcom.eu">http://www.upcom.eu</a><br>GSM: +30-693-8415038<br>
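<br><br>Added example, not part of the original message or the thread: a small Python model of why a reply is rejected when the `ip rule` table, chosen only by the host's source address, sends it out the other ADSL link, and of the bridge-mode plus source-NAT arrangement from the quoted reply. The public addresses, the `reply` helper and its `nat_on` and `isp_filters` parameters are assumptions made for illustration.

```python
# Added model, not from the thread. Public addresses are constructed
# documentation-range values; table names follow the quoted "ip rule" lines.
PUBLIC_IP = {"ADSL1": "198.51.100.1", "ADSL2": "203.0.113.1"}
RULES = {"192.168.0.10": "ADSL1_rules", "192.168.0.20": "ADSL2_rules"}
TABLE_LINK = {"ADSL1_rules": "ADSL1", "ADSL2_rules": "ADSL2"}


def egress_link(host_ip, rules=RULES):
    """'ip rule add from HOST table T': the table depends on source IP only."""
    return TABLE_LINK[rules[host_ip]]


def reply(ingress, host_ip, rules=RULES, nat_on="modems", isp_filters=False):
    """Return (source address the client sees or None if dropped, accepted).

    nat_on="modems": assumption that the modem on the egress link rewrites
    the reply's source to its own public address.
    nat_on="linux": modems bridged, the Linux router source-NATs the reply to
    the address the client connected to, whatever link it leaves by.
    isp_filters: the egress ISP drops sources outside its own range.
    """
    connected_to = PUBLIC_IP[ingress]
    out = egress_link(host_ip, rules)
    src = PUBLIC_IP[out] if nat_on == "modems" else connected_to
    if isp_filters and src != PUBLIC_IP[out]:
        return None, False
    return src, src == connected_to


if __name__ == "__main__":
    cases = [("ADSL1", "modems", False), ("ADSL2", "modems", False),
             ("ADSL2", "linux", False), ("ADSL2", "linux", True)]
    for ingress, nat_on, filt in cases:
        src, ok = reply(ingress, "192.168.0.10", nat_on=nat_on, isp_filters=filt)
        print(f"in={ingress} nat={nat_on} isp_filter={filt}: "
              f"reply src={src} accepted={ok}")
```

The last case corresponds to the caveat in the quoted reply about ISP2 filtering traffic whose source lies outside its subnet.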