shorewall-users April 2012 archive
Main Archive Page > Month Archives  > shorewall-users archives
shorewall-users: Re: [Shorewall-users] Problem with nat on a mul

Re: [Shorewall-users] Problem with nat on a multiple isp configuration

From: Alessandro Faglia <alessandro.faglia_at_nospam>
Date: Thu Apr 12 2012 - 13:14:28 GMT
To: Shorewall Users <shorewall-users@lists.sourceforge.net>

On Thu, Apr 12, 2012 at 8:20 AM, Alessandro Faglia <
alessandro.faglia@serioplast.com> wrote:

> On Wed, Apr 11, 2012 at 5:35 PM, Tom Eastep <teastep@shorewall.net> wrote:
>
>>
>> Have you looked at eth1 with tcpdump when doing this test? If you use
>> the -e option (e.g., tcpdump -nei eth1 port 25 and host <nmap-host-ip>)
>> you can see if the mail server is responding and with what destination
>> MAC.
>>
>
> [...]
>
>
Moreover: this is the providers file on the shorewall box
<isp1> 1 1 main eth4 192.168.0.1
track,balance,optional eth1,eth2,tun*
<isp2> 2 2 main ppp0 detect
 track,balance,optional eth1,eth2

eth4 is connected to a Cisco router which is in turn connected to an
optical fiber uplink (the public IP is bound to the WAN NIC of this
device). The LAN IP of this box is 192.168.0.1 and eth4 is 192.168.0.2. The
cable from the PPP antenna is connected to eth3 and the pppd daemon is
managing the connection. The tun* you see is used by OpenVPN which is
running on the same server.

If I understand correctly the track option should "magically" route back
packets via the incoming NIC (in this case ppp0), is it correct? I'm just
trying to better understand how the system is dealing such packets.

Thanks.
Alessandro

------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users