hi, it should work if you if you use iproute and iptables.
add ISP0 and ISP1 to /etc/iproute2/rt_tables make a default route for each table: ip route add default via $ISP0 table ISP0 ip route add default via $ISP1 table ISP1 then let your linux-box know when to use the tables: ip rule add fwmark 1 table ISP0 ip rule add fwmark 2 table ISP1 now it should route packages marked with '1' through ISP0 and packages marked with '2' through ISP1. you can mark packages with iptables now. e.g. iptables -t mangle -s $DMZ -j MARK --set-mark 2 note: in some cases i had to use additional SNAT with iptables to send the packages with the correct sourceip. iptables -t nat -A POSTROUTING -m mark --mark 2 -j SNAT --to-source $ISP1-IP perhaps it helps for you. buz On Don, 2003-05-22 at 15:48, mslucas wrote: > Hi, > > > > What do I have to install to get the following situation working? > > Except iptables as the firewall. > > I tried it with iptables and then NATing and with "ip route" but it isn't > working > > > > Caution a lot of "is allowed" and "is not allowed" detected > > > > Internet Internet > ISP 0 ISP 1 > | | > v v > Private LAN <-> this server <-> Office LAN > ^ > | > DMZ > > > > Traffic from my private LAN must go to ISP0, and is allowed to go to ISP1 > only if ISP0 is down (bandwidth must be limited) > > > > Traffic from my Office LAN must go to ISP1, and is allowed to go to ISP0 if > ISP1 is down or if there is more traffic than ISP1 can accept. > > > > Traffic from my DMZ must go to ISP1, and is allowed to go to ISP0 only if > ISP1 is down.. > > > > Traffic from my private LAN is not allowed to go to my Office LAN but > traffic from Office to private is allowed. > > > > Can somebody give me a hint which program is able to make my situation work. > > > > Thanks in advance, > > > > Maurice Lucas > > TAOS-IT >
