diff --git a/docs/MultiISP.xml b/docs/MultiISP.xml
index 04b14e1a7..2f4ac8cd4 100644
--- a/docs/MultiISP.xml
+++ b/docs/MultiISP.xml
@@ -973,6 +973,84 @@ gateway:~ #Note that because we used a priority of 1000, the
+
+ USE_DEFAULT_RT
+
+ Beginning with Shorewall 4.2.0 Beta3, Shorewall-perl has supported
+ a USE_DEFAULT_RT option in shorewall.conf (5).
+
+ One of the drawbacks of the Mulit-ISP support as described in the
+ preceding sections is that changes to the main table made by
+ applications are not added to the individual provider tables. This makes
+ route rules such as described in one of the
+ examples above necessary.
+
+ USE_DEFAULT_RT=Yes works around that problem by passing packets
+ through the main table first rather than last. This has a number of
+ implications:
+
+
+
+ Both the DUPLICATE and the COPY columns in the providers file
+ must remain empty or contain "-". The individual provider routing
+ tables generated when USE_DEFAULT_RT=Yes contain only a host route
+ to the gateway and a default route via the gateway.
+
+
+
+ The balance option is assumed
+ for all interfaces that do not have the loose option. When you want both balance and loose, both must be specified.
+
+
+
+ The default route generated by Shorewall is added to the
+ default routing table (253) rather than to the
+ main routing table (254).
+
+
+
+ Packets are sent through the main routing table by a routing
+ rule with priority 999. In ), the priority range 1-998 may be used
+ for inserting rules that bypass the main table.
+
+
+
+ All provider gateways must be specified explicitly in the
+ GATEWAY column. 'detect' may not be specified. Note that for ppp
+ interfaces, the GATEWAY may remain unspecified ("-").
+
+
+
+ You should disable all default route management outside of
+ Shorewall. If a default route is inadvertently added to the main
+ table while Shorewall is started, then all policy routing will stop
+ working except for those routing rules in the priority range
+ 1-998.
+
+
+
+ Although 'balance' is automatically assumed when
+ USE_DEFAULT_RT=Yes, you can easily cause all traffic to use one provider
+ except when you explicitly direct it to use the other provider via
+ shorewall-route_rules
+ (5) or shorewall-tcrules
+ (5).
+
+ Example (send all traffic through the 'shorewall' provider unless
+ otherwise directed).
+
+ /etc/shorewall/providers:#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS
+linksys 1 1 - wlan0 172.20.1.1 track,balance=1,optional
+shorewall 2 2 - eth0 192.168.1.254 track,balance=2,optional/etc/shorewall/route_rules:#SOURCE DEST PROVIDER PRIORITY
+- - shorewall 11999
+
+
Two Providers Sharing an Interface
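Review bot: the example's route rule uses priority 11999 ("- - shorewall 11999"), but the section only explains priority 999 for the main-table rule and the range 1-998 for rules that bypass it. Add a sentence saying why a value above 999 is wanted here (and confirm it is not a typo), so that readers do not "correct" it into the bypass range. Two smaller points in the same added text: "Mulit-ISP" is a typo carried along with the move, and the sentence beginning "In ), the priority range 1-998" reads as a broken reference as shown here, so check that its link markup is intact.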
@@ -1062,12 +1140,12 @@ gateway:~ #Note that because we used a priority of 1000, the
The local wired network in my office is connected to both gateways
and uses the private (RFC 1918) network 172.20.1.0/24. The Comcast
gateway has local IP address 172.20.1.1 while the Avvanta gateway has
- local IP address 172.20.1.1. Ursa's eth0 interface has a single IP
+ local IP address 172.20.1.254. Ursa's eth0 interface has a single IP
address (172.20.1.130).This configuration uses USE_DEFAULT_RT=Yes in
shorewall.conf (see below).
+ linkend="USE_DEFAULT_RT">above).
Here is the providers file:
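Review bot: the new cross-reference (linkend="USE_DEFAULT_RT">above) only resolves if the relocated section carries that id. The section added in the first hunk shows the title USE_DEFAULT_RT but no id is visible there, so please confirm the docs build does not report a dangling linkend. While touching this paragraph, the context line "address (172.20.1.130).This configuration" is missing a space after the period.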
@@ -1103,8 +1181,8 @@ wireless 3 3 - wlan0 172.20.1.1 track,o
- The wireless provider is
- never used when the laptop is connected to the wired network.
+ I always disable the wireless
+ interface when the laptop is connected to the wired network.
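Review bot: the reworded sentence ("I always disable the wireless interface when the laptop is connected to the wired network") turns a property of the configuration into a manual step without saying what happens if the step is skipped. The hunk header shows the wireless provider on wlan0 with gateway 172.20.1.1, the same address the previous hunk gives for the Comcast gateway on the wired network, so a reader copying this setup would benefit from one sentence stating whether leaving wlan0 up breaks routing or is merely redundant.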
@@ -1172,83 +1250,5 @@ wlan0 192.168.0.0/24
don't need to specify the providers in the masq rules.
-
-
- USE_DEFAULT_RT
-
- Beginning with Shorewall 4.2.0 Beta3, Shorewall-perl has supported
- a USE_DEFAULT_RT option in shorewall.conf (5).
-
- One of the drawbacks of the Mulit-ISP support as described in the
- preceding section is that changes to the main table made by applications
- are not added to the individual provider tables. This makes route rules
- such as described in one of the examples
- above necessary.
-
- USE_DEFAULT_RT=Yes works around that problem by passing packets
- through the main table first rather than last. This has a number of
- implications:
-
-
-
- Both the DUPLICATE and the COPY columns in the providers file
- must remain empty or contain "-". The individual provider routing
- tables generated when USE_DEFAULT_RT=Yes contain only a host route
- to the gateway and a default route via the gateway.
-
-
-
- The balance option is assumed
- for all interfaces that do not have the loose option. When you want both balance and loose, both must be specified.
-
-
-
- The default route generated by Shorewall is added to the
- default routing table (253) rather than to the
- main routing table (254).
-
-
-
- Packets are sent through the main routing table by a routing
- rule with priority 999. In ), the priority range 1-998 may be used
- for inserting rules that bypass the main table.
-
-
-
- All provider gateways must be specified explicitly in the
- GATEWAY column. 'detect' may not be specified. Note that for ppp
- interfaces, the GATEWAY may remain unspecified ("-").
-
-
-
- You should disable all default route management outside of
- Shorewall. If a default route is inadvertently added to the main
- table while Shorewall is started, then all policy routing will stop
- working except for those routing rules in the priority range
- 1-998.
-
-
-
- Although 'balance' is automatically assumed when
- USE_DEFAULT_RT=Yes, you can easily cause all traffic to use one provider
- except when you explicitly direct it to use the other provider via
- shorewall-route_rules
- (5) or shorewall-tcrules
- (5).
-
- Example (send all traffic through the 'shorewall' provider unless
- otherwise directed).
-
- /etc/shorewall/providers:#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS
-linksys 1 1 - wlan0 172.20.1.1 track,balance=1,optional
-shorewall 2 2 - eth0 192.168.1.254 track,balance=2,optional/etc/shorewall/rules:#SOURCE DEST PROVIDER PRIORITY
-- - shorewall 11999
-
-
\ No newline at end of file
+
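Review bot: the copy removed here is not identical to the text added in the first hunk. This one labels the second example file "/etc/shorewall/rules" and says "preceding section", while the added copy says "/etc/shorewall/route_rules" and "preceding sections". Those are content fixes folded into a move, which makes them easy to miss; call them out in the commit message or split them into a separate change.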