portforwarding / source-based routing question
Wiktor Wodecki
wodecki@wapme-systems.de
Fri, 01 Jun 2001 09:59:42 +0200
Hello,
I've got a rather tricky problem here, maybe one of you can help me. A
quick look at our setup:
            INTERNET
           /        \
         /            \
       /                \__________
Leased1                      Leased2
|                               |
|                               |
|eth0: 141.1.1.1                | eth1: 142.1.1.1
|-------------------------------|
|         Firewall Box          |
|---------------|---------------|
                | eth2: 192.168.121.0/24
                |
                |
                |
                | eth0: 192.168.121.11
        |-------|-------|
        |  Mailserver   |
        |---------------|
We have a firewall box with three interfaces: eth2 is connected to our
inner LAN, eth0 and eth1 are connected to two different providers. Both
IPs 141.1.1.1 and 142.1.1.1 are pingable from the internet (source-based
routing). I installed a port forward on eth0 and eth1 on ports 25 and
110 to our mailserver. Depending on the default gateway on the firewall
box, only one port forward works. When I run iptables -t nat -L -n -v, I
see that the byte counter is incremented on both DNAT rules in the nat
table (independent of the default gw). Now, the question is, how do I
configure the routing (or firewall?) so that both port forwards work,
regardless of whether the default gw is pointing to provider 1 or 2?
--
Regards,
Wiktor Wodecki, Unix Administration | Wapme-Systems AG
Tel.: +49-211-748450 | Muensterstrasse 248
Fax: +49-211-74845176 | 40470 Duesseldorf
E-Mail: wodecki@wapme-systems.de | http://www.wapme-systems.de
1024/E22253B9 084C 7950 4D65 0E92 46D1 48AF F3F7 3201 E222 53B9