Date: Wed, 13 Jul 2005 11:33:42 -0700 (PDT)
From: Philip Hallstrom
To: John Barbieri
Cc: freebsd-questions@freebsd.org
Subject: Re: Using Multiple Internet Connections with FreeBSD

> To start off, I have a FreeBSD router running Nat and dhcp, it is
> currently the router for my LAN.
>
> I was wondering if there was a way to aggregate more than one internet
> connection using FreeBSD?
>
> That is, have 2 or 3 internet connections coming in on separate NICs,
> and being able to have the box route and nat the packets accordingly to
> the lan, thus giving the experience of more bandwidth. Is it even possible?
>
> Has someone done it before? and if you have, do you have a webpage that
> you followed instructions from?

I haven't done it, but I've saved the following email/posts that talked
about this... I've left them intact so you can see the context... good luck!

>From gerti@bitart.com Wed Dec 24 09:35:16 2003
Date: Fri, 3 Nov 2000 18:46:34 -0600
From: Gerd Knops
Reply-To: gerti-freebsdq@bitart.com
To: Simon Nielsen
Cc: questions@FreeBSD.ORG
Subject: Re: Two ISP's. Two IP. One default route...

Simon Nielsen wrote:
> Hello
>
> I currently have two internet connections through two different ISP's.
> One is an ADSL and another is shared with the rest of my dorm. The
> shared line is rather slow because many people are using it.
>
> I must have an IP on the shared connection since that's the only
> place where I can be sure to have a non changing IP for my DNS. But
> the ADSL is much faster so I would like to use that as much as
> possible.
>
> I can give my machine an IP on each connection but I can of course
> only set one default route. The default route is currently set to the
> ADSL. The problem is that when a connection is made to IP on the
> shared connection my computer uses the ADSL IP to respond and that
> does not work.
>
> Is there a solution to this? I thought about maybe it is possible to
> route differently when a connection is made on the shared connection
> but I can't find out how to do it.
>
Yes, it can be done (though I have not found it documented anywhere).
I really think there should be separate routing tables for each
interface, but I don't know of any such feature in any Unix. However
ipfw can be abused for the above task.

Assuming:

	- ipfw is set to pass on default
	- your ADSL IP/network is a.a.a.a/aa
	- your shared IP/network is s.s.s.s/ss
	- your ADSL gateway is set as default route
	- your shared gateway is s.s.s.gw

the following ipfw rules do the trick:

	# Pass anything that should go via normal routes
	# This rule is really just to speed up the bulk
	# of the packets
	add 1000 allow all from a.a.a.a to any

	# Pass anything to local addresses on ADSL network
	add 1010 allow all from any to a.a.a.a/aa

	# Pass anything to local addresses on shared network
	add 1020 allow all from any to s.s.s.s/ss

	# And here the trick: if the source address is the one
	# from the shared network, pass packets to the
	# gateway on the shared network
	add 1030 fwd s.s.s.gw all from s.s.s.s to any

With the above, connections will leave your system on the same route they
entered it. Great for redundant mail and dns setup!

If you already use ipfw you need to adapt the above rules accordingly.
The important part is that packets coming from your host's shared
address going to the 'outside' (and only those packets) are forwarded to
the shared network's gateway.

Gerd

>From mwm@mired.org Wed Dec 24 09:35:23 2003
Date: Sat, 4 Nov 2000 09:34:48 -0600 (CST)
From: Mike Meyer
To: Simon Nielsen
Cc: questions@FreeBSD.ORG
Subject: Re: Two ISP's. Two IP. One default route...

Simon Nielsen types:
> I currently have two internet connections through two different ISP's.
> One is an ADSL and another is shared with the rest of my dorm. The shared
> line is rather slow because many people are using it.
>
> I must have an IP on the shared connection since that's the only place
> where I can be sure to have a non changing IP for my DNS. But the ADSL
> is much faster so I would like to use that as much as possible.

Question: what are you using the static IP for? I.e. - who connects to
it, and vice versa?

> I can give my machine an IP on each connection but I can of course only
> set one default route. The default route is currently set to the ADSL.
> The problem is that when a connection is made to IP on the shared
> connection my computer uses the ADSL IP to respond and that does not
> work.
>
> Is there a solution to this? I thought about maybe it is possible to
> route differently when a connection is made on the shared connection but
> I can't find out how to do it.

Well, if you can narrow down who connects on the shared connection, you
can add a route for those addresses pointing to the shared
connection. It's been about five years, but I used to do that, but if
the only people connecting to the shared IP are on the campus net, you
can add a route that looks like

	route add -net campus.net static.ip [campus.netmask]
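
Gerd Knops' ipfw rules from the thread above, filled in with concrete addresses and generalised to any number of secondary uplinks (an added example, not part of the original messages). The function names and the 2000-range numbers for the fwd rules are assumptions, and the addresses are constructed from documentation ranges; the script only prints rules.

```sh
#!/bin/sh
# Added example. Prints Gerd's rule set for one default uplink plus any
# number of secondary uplinks; nothing is loaded into the kernel.
# All addresses are constructed (RFC 5737 documentation ranges).

# is_ipv4 ADDR: succeed if ADDR is a dotted quad with octets 0..255
is_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# is_cidr NET: succeed if NET is ADDR/LEN with LEN 0..32
is_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    is_ipv4 "${1%/*}" || return 1
    case "${1#*/}" in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "${1#*/}" -le 32 ]
}

# gen_rules DEF_IP DEF_NET [IP NET GW]...
# Every "allow ... to local net" rule is emitted before any fwd rule, so
# traffic between the host and its directly attached networks is never
# pushed to a gateway. Returns 2 on malformed or incomplete arguments.
gen_rules() {
    is_ipv4 "$1" && is_cidr "$2" || return 2
    pass="add 1000 allow all from $1 to any
add 1010 allow all from any to $2"
    fwd="" n=1010 m=2000
    shift 2
    while [ "$#" -ge 3 ]; do
        is_ipv4 "$1" && is_cidr "$2" && is_ipv4 "$3" || return 2
        n=$((n + 10))
        pass="$pass
add $n allow all from any to $2"
        fwd="$fwd
add $m fwd $3 all from $1 to any"
        m=$((m + 10))
        shift 3
    done
    [ "$#" -eq 0 ] || return 2   # leftover arguments: incomplete triplet
    printf '%s%s\n' "$pass" "$fwd"
}

# Default uplink 192.0.2.10, one secondary uplink via 198.51.100.1
gen_rules 192.0.2.10 192.0.2.0/24 198.51.100.10 198.51.100.0/24 198.51.100.1
```

On the FreeBSD host the printed lines can be saved to a file and syntax-checked with `ipfw -n` before they are loaded.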