Date: Thu, 26 Oct 2000 20:30:57 -0600 (MDT)
From: Nick Rogness
To: John Telford
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: Multihomed natd, nics and default gateways continued.
In-Reply-To: <002601c03fa5$a760da30$0100000a@johnny5>

On Thu, 26 Oct 2000, John Telford wrote:

> Nick,
> You are wise in the ways of FreeBSD and routing. Could you take a
> moment and provide some tips on how I could expand on your help to
> John Prince?
> I have a similar setup but would like it to behave slightly
> differently. My setup:
> 1 internal interface.
> 1 external interface doing natd, default gateway routing for the
> internal to an isp.
> We have now brought in a second ISP and put a 3rd interface into the
> FreeBSD box. I'd like to have a setup like this:
>
> ISPA-----------interface A_fxp0
>                    fxp2_NATD--interface C---------internal network 10.130.x.x
> ISPB-----------interface b_fxp1
>
> I would like to have all internal -> external traffic route through
> ISPA. In the event that ISPA goes down then the ISPB connection should
> take over automatically without the users noticing except that things
> are slower because ISPB is a slower connection. This means the default
> gateway would have to change on the fly and I can't seem to locate
> much information on how this can work.

For ipfw:

	#Divert traffic from internal out and in interface ISP A
	ipfw add 101 divert natd ip from any to any via $fxp0

	#Divert traffic from internal network in and out ISP B
	ipfw add 201 divert natd2 ip from any to any via $fxp1

	#Leave on for testing until it works
	ipfw add 3000 allow ip from any to any

For natd:

	Then after you do that, set up the 2 different natd's to listen
	on different ports (default 8668) and another entry in
	/etc/services:

	natd2	8669/divert	# Network Address Translation

	Then run the nat's separately:

	root# natd -p 8668 -n fxp0
	root# natd -p 8669 -n fxp1

For routing:

	Add 2 default routes, one primary (ISP A) and one backup (ISP B).
	Since ISP A is a preferred route...it gets the more specific route:

	root# route add -net 0.0.0.0 $GATEWAY_IP_ISP_A -netmask 128.0.0.0
	root# route add -net 128.0.0.0 $GATEWAY_IP_ISP_A -netmask 128.0.0.0
	root# route add -net 0.0.0.0 $GATEWAY_IP_ISP_B -netmask 0.0.0.0

Nick Rogness
- Drive defensively. Buy a tank.
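
Added example, not part of the original message: a small longest-prefix-match model of the three routes above, showing that the two /1 routes cover every address and win over the 0.0.0.0/0 route, and that ISP B is selected only once the ISP A routes are gone. The gateway addresses are constructed placeholders for $GATEWAY_IP_ISP_A and $GATEWAY_IP_ISP_B, and the function names are hypothetical.

```python
import ipaddress

# Constructed placeholder gateways (documentation ranges), standing in for
# $GATEWAY_IP_ISP_A and $GATEWAY_IP_ISP_B from the message.
GW_A = "192.0.2.1"
GW_B = "198.51.100.1"

# The three "route add" lines from the message as (destination, gateway).
ROUTES = [
    (ipaddress.ip_network("0.0.0.0/1"), GW_A),    # -net 0.0.0.0   -netmask 128.0.0.0
    (ipaddress.ip_network("128.0.0.0/1"), GW_A),  # -net 128.0.0.0 -netmask 128.0.0.0
    (ipaddress.ip_network("0.0.0.0/0"), GW_B),    # -net 0.0.0.0   -netmask 0.0.0.0
]


def lookup(dst, routes):
    """Return the gateway of the longest matching prefix for dst, or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(net.prefixlen, gw) for net, gw in routes if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0])[1]


def without_gateway(routes, gw):
    """Model the table after every route through gw has been deleted."""
    return [(net, g) for net, g in routes if g != gw]


def covers_all_ipv4(routes, gw):
    """True if the routes through gw together span the whole IPv4 space."""
    nets = [net for net, g in routes if g == gw]
    merged = list(ipaddress.collapse_addresses(nets))
    return merged == [ipaddress.ip_network("0.0.0.0/0")]


if __name__ == "__main__":
    samples = ["64.0.0.1", "200.0.0.1"]  # constructed: one address per /1 half
    print("ISP A routes cover all of IPv4:", covers_all_ipv4(ROUTES, GW_A))
    for dst in samples:
        print(dst, "->", lookup(dst, ROUTES), "(all three routes present)")
    backup_only = without_gateway(ROUTES, GW_A)
    for dst in samples:
        print(dst, "->", lookup(dst, backup_only), "(ISP A routes deleted)")
```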