Multiple IPs and multiple gateways on ONE interface

Hi,

basically I need a setup as described here:

http://lartc.org/howto/lartc.rpdb.multiple-links.html

for Linux. I've ONE interface and two different public IPs and two associated default gateways. I've found a lot of stuff about FIBs and setfib but always with two interfaces. How do I have to set this up with one interface including associating the two IPs with one interface?

TIA
Matthias
 
With only 1 NIC, you need 2 VLANs, one for the internet traffic, one for your LAN. Now you have two interfaces and the setfib stuff you've read should be applicable.
Depending on the firewall you use, you are going to be looking at identifying LAN traffic for ISP1, then set the appropriate fib for that and routing/nat from there. Ditto for traffic to ISP2.
Here's a snippet from an IPFW firewall I have with a couple of ISPs:

# setfib 3 netstat -nr | head
Routing tables (fib: 3)

Internet:
Destination Gateway Flags Netif Expire
default 65.209.210.217 UGS Verizon
10.1.3.0/24 link#7 U Public
10.1.10.0/24 10.1.251.1 UGS ExtTrunk
10.1.10.2/32 10.1.251.1 UGS ExtTrunk
10.1.10.175/32 10.1.251.1 UGS ExtTrunk
10.1.12.0/24 10.1.251.1 UGS ExtTrunk
# setfib 4 netstat -nr | head
Routing tables (fib: 4)

Internet:
Destination Gateway Flags Netif Expire
default 10.50.1.1 UGS BlkMtn
10.1.3.0/24 link#7 U Public
10.1.10.0/24 10.1.251.1 UGS ExtTrunk
10.1.10.2/32 10.1.251.1 UGS ExtTrunk
10.1.10.175/32 10.1.251.1 UGS ExtTrunk
10.1.12.0/24 10.1.251.1 UGS ExtTrunk


The only difference is the default route.

Then in IPFW you'll have something like this on the outbound:

setfib 3 ip from 10.1.2.0/24 to any
nat 100 ip from any to 65.209.210.217

setfib 4 ip from 10.1.3.0/24 to any
nat 101 ip from any to 10.50.1.1

I don't have experience with Load Balancing, but it seems like you'll need to keep state so the firewall doesn't balance per-packet and you should be able to use a probability match to disperse traffic between the ISPs.

Please post back whatever you get working, so there's a reference in the future.
 
Thanks, I will give it a try and report back.

To clarify: No Firewall, no LAN, but two public IPs with different gateways. But this should make no difference.
 
I gave up on this. I've asked my provider for IP addresses in the same subnet. This solved my problems without the need to think :-)

But I'm still interested in a possible solution for the initial problem.
 
Without a LAN, there's no need for VLANs then. This simplifies it so you just need to add all the addresses your provider gave you to your NIC.
Taking my example above, I have a NIC:

# ifconfig BlkMtn
BlkMtn: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=503<RXCSUM,TXCSUM,TSO4,LRO>
ether be:3c:71:dd:74:f1
inet 10.50.1.58 netmask 0xffffff00 broadcast 10.50.1.255
inet 10.50.1.55 netmask 0xffffff00 broadcast 10.50.1.255
inet 10.50.1.56 netmask 0xffffff00 broadcast 10.50.1.255
inet 10.50.1.51 netmask 0xffffff00 broadcast 10.50.1.255
inet 10.50.1.50 netmask 0xffffff00 broadcast 10.50.1.255
inet 10.50.1.52 netmask 0xffffff00 broadcast 10.50.1.255
inet 10.50.1.53 netmask 0xffffff00 broadcast 10.50.1.255
inet 24.52.191.244 netmask 0xfffffff8 broadcast 24.52.191.247


You'll notice I have two networks on that one NIC; they have two gateways, and using that IPFW stuff above does what you'd expect.
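The one-NIC layout from the last reply, written out as an added example (not code from any poster in this thread): each public address becomes an alias on the same interface, each FIB gets its own default route, and an IPFW `setfib` rule selects the FIB by source address. The interface name `em0`, the FIB numbers, rule numbers and all addresses are constructed placeholders; it assumes IPFW is loaded with later rules that pass the traffic, and that each FIB already holds the connected routes, as in the netstat output earlier in the thread.

```shell
#!/bin/sh
# Added example: one NIC, two public subnets, one FIB per upstream gateway.
# Interface name, FIB/rule numbers and addresses are constructed placeholders.
# DRY_RUN=1 (default) prints the commands; DRY_RUN=0 executes them (root needed).

run() {
    if [ "${DRY_RUN:-1}" = 1 ]; then echo "$*"; else "$@"; fi
}

# add_uplink IFACE FIB ADDR/PREFIX GATEWAY RULENUM
add_uplink() {
    iface=$1 fib=$2 cidr=$3 gw=$4 rule=$5
    addr=${cidr%/*}
    # Refuse a FIB number the kernel does not provide (checked only when executing).
    if [ "${DRY_RUN:-1}" != 1 ]; then
        fibs=$(sysctl -n net.fibs) || return 1
        [ "$fib" -lt "$fibs" ] || { echo "fib $fib not below net.fibs=$fibs" >&2; return 1; }
    fi
    # 1. Put the address on the shared NIC as an alias.
    run ifconfig "$iface" inet "$cidr" alias || return 1
    # 2. Give this FIB its own default route; the default is the only difference.
    run setfib "$fib" route add default "$gw" || return 1
    # 3. Tag outbound packets sourced from this address with the FIB.
    run ipfw -q add "$rule" setfib "$fib" ip from "$addr" to any out || return 1
    # 4. Show the resulting table for comparison with the other FIB.
    run setfib "$fib" netstat -nr
}

# The two uplinks from the question, with placeholder values.
plan() {
    add_uplink em0 0 192.0.2.10/24 192.0.2.1 1000 &&
    add_uplink em0 1 198.51.100.10/29 198.51.100.9 1010
}

# "show" prints the commands, "apply" executes them; no argument does nothing.
if [ "${1:-}" = apply ]; then
    DRY_RUN=0
    plan
elif [ "${1:-}" = show ]; then
    plan
fi
```

Review the `show` output before running `apply`, since a wrong default route in FIB 0 can cut off remote access to the host.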
 