Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 14 Jun 1999 08:06:14 -0500 (CDT)
From:      star@iwl.net
To:        hackers@FreeBSD.ORG
Subject:   NAT Gateway to multiple ISPs
Message-ID:  <199906141306.IAA12874@star1.iwl.net>
next in thread | raw e-mail | index | archive | help 

Any ideas on the following ?

  I am setting up a home/office network with NAT filtering gateway
   on a dual-NIC FreeBSD 3.2 box.  No problem so far - I've set
   up several like this on 2.2.8 using natd.

  The new wrinkle is this:  I need to connect to two ISPs
   (DSL & Cable Modem), ideally with automatic failover and
   load balancing when multiple internal PC's are generating
   internet traffic.

  I know that this requires running gated (or routed) to
   receive RIP or OSPF messages from the ISPs, and to select the
   best outgoing ISP's route.

  The key question is: while the routing program probably
   requires a third NIC so that each external link has its own
   device, how can natd handle multiple external internet 
   interfaces.


  I've been searching in several directions:

  1) Using "ifconfig alias" option to map the two external 
    addresses assigned by the two ISPs into the same NIC - would
    seem to confuse the routing of outgoing traffic, although I 
    have 'aliased' reliably on a fbsd web server (all in the same 
    subnet) and have also seen multiple subnets peacefully coexist
    on the same physical network.

  2) Somehow get natd or another NAT server to recognise two
    outgoing interfaces - this would also seem to confuse the
    functioning of the routing program.

  3) Configure an internal pseudo-device (tun ?) or divert 
    interface between natd (and the internal NIC) on the inside 
    and gated or routed (and the two external NICS) on the 
    outside.
    This way, natd and the routing program would be completely
    isolated and wouldn't need to know that the other existed.

 ISP1 - NIC1
             \
             gated  -  TUN  -  natd  -  NIC3  -  internal net
             /        device
 ISP2 - NIC2


   The third seems the best choice, but I haven't seen any
    discription of this type of configuration.

   Any advice ?

Thanks very much for your help,

Andy Starratt




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906141306.IAA12874>