Date: Fri, 11 Jun 1999 15:45:47 -0500 (CDT)
From: star@iwl.net
To: freebsd-net@freebsd.org
Subject: NAT Gateway to multiple ISPs
Message-Id: <199906112045.PAA11270@star1.iwl.net>

Hi all,

I was wondering if anyone may have a suggestion for a configuration like this:

I am setting up a home/office network with a NAT filtering gateway on a dual-NIC FreeBSD 3.2 box. No problem so far - I've set up several like this using natd on 2.2.8.

The new wrinkle is this: I need to connect to two ISPs (DSL & Cable Modem), ideally with automatic failover and load balancing when multiple internal PCs are generating internet traffic.

I know that this requires running gated (or routed) to receive RIP or OSPF messages from the ISPs, and to select the best outgoing ISP's route.

The key question is: while the routing program probably requires a third NIC so that each external link has its own device, how can natd handle multiple external internet interfaces?

I've been searching in several directions:

1) Using the "ifconfig alias" option to map the two external addresses assigned by the two ISPs into the same NIC - would seem to confuse the routing of outgoing traffic, although I have 'aliased' reliably on a fbsd web server (all in the same subnet) and have also seen multiple subnets peacefully coexist on the same physical network.

2) Somehow get natd or another NAT server to recognise two outgoing interfaces - this would also seem to confuse the functioning of the routing program.

3) Configure an internal pseudo-device (tun ?) or divert socket, link between natd (and the internal NIC) on the inside and gated or routed (and the two external NICs) on the outside. This way, natd and the routing program would be completely isolated and wouldn't need to know that the other existed.

    ISP1 - NIC1 \
                 gated - TUN    - natd - NIC3 - internal net
                /        device
    ISP2 - NIC2

The third seems the best choice, but I haven't seen any description of this type of configuration.

Any advice?

Thanks very much for any help,

Andy Starratt