From 2dbbf8420bc8ca794912681a07a7726a51748d0f Mon Sep 17 00:00:00 2001 From: teastep Date: Mon, 16 Jul 2007 18:24:23 +0000 Subject: [PATCH] Extend MultiISP example to three interfaces git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6885 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- docs/MultiISP.xml | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/docs/MultiISP.xml b/docs/MultiISP.xml index 08a0e5821..f0aaf1f9f 100644 --- a/docs/MultiISP.xml +++ b/docs/MultiISP.xml @@ -755,6 +755,49 @@ eth1 eth2 130.252.99.27 2:P <local network> 0.0.0.0/0 tcp 25 +
+ More than 2 Providers + + When there are more than two providers, you need to extend the + two-provider case in the expected way: + + + + For each external address, you need an entry in + /etc/shorewall/masq to handle the case where a + connection using that address as the SOURCE is sent out of the + interfaces other than the one that the address is configured + on. + + + + For each external interface, you need to add an entry to + /etc/shorewall/masq for each internal network + that needs to be masqueraded (or use SNAT) through that + interface. + + + + If we extend the above example to add eth3 with IP address + 16.105.78.4 with gateway 16.105.78.254, then: + + /etc/shorewall/providers:#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY +ISP1 1 1 main eth0 206.124.146.254 track,balance eth2 +ISP2 2 2 main eth1 130.252.99.254 track,balance eth2 +ISP3 3 3 main eth3 16.105.78.254 track,balance eth2 + + /etc/shorewall/masq:#INTERFACE SUBNET ADDRESS +eth0 130.252.99.27 206.124.146.176 +eth3 130.252.99.27 16.105.78.4 +eth1 206.124.146.176 130.252.99.27 +eth3 206.124.146.176 16.105.78.4 +eth0 16.106.78.4 206.124.146.176 +eth1 16.106.78.4 130.252.99.27 +eth0 eth2 206.124.146.176 +eth1 eth2 130.252.99.27 +eth3 eth2 16.105.78.4 +
+
Applications running on the Firewall