routing with 2 providers

[jmercier]

---

Hi all!

I use a LINUX gateway/firewall with Shorewall, squid and 802.1Q for vlans trunking.

Actually, i have only one internet box (192.168.254.254 LAN Side).

For the needs of partner (VLAN3 network:192.168.33.0) who use our network, i must install an other internet access and an other internet box.

Can i plug the 2 internet box and the eth0 interface of my gateway to a switch, and create some iptables rules that route packet from VLAN3 (192.168.33.0) in destination to "net" through the new internet box?

Here, my Network interfaces (I only have 2 hardware ethernet interface):

eth0 Link encap:Ethernet HWaddr 00:26:B9:43:70:74
inet adr:192.168.254.1 Bcast:192.168.254.255 Masque:255.255.255.0

eth1 Link encap:Ethernet HWaddr 00:26:B9:43:70:75
adr inet6: fe80::226:b9ff:fe43:7075/64 Scope:Lien

eth1.2 Link encap:Ethernet HWaddr 00:26:B9:43:70:75
inet adr:192.168.22.254 Bcast:192.168.22.255 Masque:255.255.255.0


eth1.3 Link encap:Ethernet HWaddr 00:26:B9:43:70:75
inet adr:192.168.33.254 Bcast:192.168.33.255 Masque:255.255.255.0


eth1.4 Link encap:Ethernet HWaddr 00:26:B9:43:70:75
inet adr:192.168.44.254 Bcast:192.168.44.255 Masque:255.255.255.0


eth1.5 Link encap:Ethernet HWaddr 00:26:B9:43:70:75
inet adr:192.168.55.254 Bcast:192.168.55.255 Masque:255.255.255.0


eth1.6 Link encap:Ethernet HWaddr 00:26:B9:43:70:75
inet adr:192.168.66.254 Bcast:192.168.66.255 Masque:255.255.255.0


eth1.100 Link encap:Ethernet HWaddr 00:26:B9:43:70:75
inet adr:192.168.100.254 Bcast:192.168.100.255 Masque:255.255.255.0
adr inet6: fe80::226:b9ff:fe43:7075/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1017933662 errors:0 dropped:0 overruns:0 frame:0
TX packets:1812543987 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:0
RX bytes:251500040040 (234.2 GiB) TX bytes:1953951623766 (1.7 TiB)

eth1.110 Link encap:Ethernet HWaddr 00:26:B9:43:70:75
inet adr:192.168.110.254 Bcast:192.168.110.255 Masque:255.255.255.0


lo Link encap:Boucle locale
inet adr:127.0.0.1 Masque:255.0.0.0


tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet adr:10.8.22.1 P-t-P:10.8.22.2 Masque:255.255.255.255


Here my route table :

Table de routage IP du noyau
Destination Passerelle Genmask Indic MSS Fenêtre irtt Iface
10.8.22.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.8.22.0 10.8.22.2 255.255.255.0 UG 0 0 0 tun0
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1.100
172.16.100.0 10.8.22.2 255.255.255.0 UG 0 0 0 tun0
192.168.55.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1.5
192.168.22.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1.2
192.168.66.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1.6
192.168.33.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1.3
192.168.44.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1.4
192.168.110.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1.110
172.16.110.0 10.8.22.2 255.255.255.0 UG 0 0 0 tun0
192.168.254.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1.6
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.254.254 0.0.0.0 UG 0 0 0 eth0

[slapandtickle69]

hay jmercier, i hope you are well.

Can i plug the 2 internet box and the eth0 interface of my gateway to a switch, and create some iptables rules that route packet from VLAN3 (192.168.33.0) in destination to "net" through the new internet box?

If i am understanding this properly, You are asking if you can :

GATEWAY-->SWITCH-->PC1 then, Route traffic to VLAN's threw Eth0 and Eth1.
-->PC2

Im finding it hard to understand what you are asking.

If you are using 802.1Q wont you have to forward the Vlans threw the router not Linux,

If you are asking if you can go SWITCH-->Router-->PC then no, becuase the router needs to do the packet forwarding desision for the WAN where as a switch does i for the LAN.

I hope this helps.

Thanks
Ben