> Hello all,
>
> I got two ISP lines (1 Mb and 6 Mb) and was planning to route outgoing
> "guest traffic" thru the smaller one.
> Problem is my FW only has two NICs.
> If both external routers are connected to a Cisco switch as well as the
> external OpenBSD interface, is it possible to use route-to to send
> packets to the ISP gateway I choose?
> All the examples I found use three NICs.
>
> Thanks.-
>

     The key to figuring this out is a little more detail on the specifics
of your ISP connections and provided devices.  Are they using just basic
modems or devices acting as gateways?  If those devices are gateways then
you could simply configure the internal side of those gateways to different
subnets: say 192.168.1.0/24 for non-guest traffic and 192.168.2.0/24 for
guest traffic.  The firewall will be assigned IPs from both subnets on the
same interface via an alias.  Your route-to rules for both sides of traffic
would use the same network interface, but specify 192.168.2.1 (assuming .1
is the ISP gateway address) as the gateway IP for guest traffic.
     The other side is if the ISP device is a modem/bridge/media converter
and your firewall gets assigned the public IP addresses.  In that case you
need each connection to have a different gateway (which usually would mean
the IPs are on different subnets).  If they have different gateways, you
can do the same thing as above except change the IP addresses to the public
ones.  If they happen to have the same gateway, I would look more into
aggregating those links and then using ALTQ to throttle guest traffic on
your firewall.

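The first case in the reply above (both ISP devices acting as gateways on one shared external segment), sketched as a pf.conf fragment. This is an added example, not part of the original message. The interface names, the firewall's .2 addresses and the internal 10.0.x.x source networks are assumptions, and the `route-to (interface gateway)` form is the syntax of pf releases from the ALTQ era; check pf.conf(5) for the release you run.

```conf
# Added example, not from the thread. Prerequisites outside pf (assumed):
#   /etc/hostname.em0:  inet 192.168.1.2 255.255.255.0
#                       inet alias 192.168.2.2 255.255.255.0
#   /etc/mygate:        192.168.1.1   (default route via the 6 Mb line)

ext_if    = "em0"             # assumed name of the external NIC
int_if    = "em1"             # assumed name of the internal NIC
main_gw   = "192.168.1.1"     # 6 Mb ISP gateway (.1 as in the reply)
guest_gw  = "192.168.2.1"     # 1 Mb ISP gateway (.1 as in the reply)
main_ip   = "192.168.1.2"     # firewall address on the first subnet (constructed)
guest_ip  = "192.168.2.2"     # firewall alias on the second subnet (constructed)
lan_net   = "10.0.0.0/24"     # internal non-guest hosts (constructed)
guest_net = "10.0.10.0/24"    # internal guest hosts (constructed)

set skip on lo
block log all

# Source-NAT each class of traffic to the firewall address that lives on
# the same subnet as the gateway it will leave through, so replies come
# back over the same ISP line.
match out on $ext_if from $lan_net   nat-to $main_ip
match out on $ext_if from $guest_net nat-to $guest_ip

# Guests must not reach the internal hosts; this has to come before the
# guest pass rule, which would otherwise match the traffic.
block in quick on $int_if from $guest_net to $lan_net

# Non-guest traffic follows the routing table (default route = main_gw).
pass in on $int_if from $lan_net

# Guest traffic is forced out the same physical interface, but handed to
# the 1 Mb gateway instead of the default route.
pass in on $int_if from $guest_net route-to ($ext_if $guest_gw)

# Allow the forwarded and firewall-originated traffic out.
pass out on $ext_if
```

Load it with `pfctl -nf /etc/pf.conf` first to parse without applying, then confirm with `pfctl -ss` that guest states show the 192.168.2.2 translation.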