From owner-freebsd-questions Tue Jan 23 6:42:16 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail2.wmptl.com (mail2.wmptl.com [216.94.6.26]) by hub.freebsd.org (Postfix) with ESMTP id DD65A37B6A5 for ; Tue, 23 Jan 2001 06:41:54 -0800 (PST) Received: from wmptl.com ([10.0.0.168]) by mail2.wmptl.com (8.9.3/8.9.3) with ESMTP id JAA40396; Tue, 23 Jan 2001 09:55:36 -0500 (EST) (envelope-from webmaster@wmptl.com) Message-ID: <3A6D9745.4064F763@wmptl.com> Date: Tue, 23 Jan 2001 09:37:57 -0500 From: Nathan Vidican X-Mailer: Mozilla 4.7 [en] (Win95; U) X-Accept-Language: en MIME-Version: 1.0 To: elkvixen@easyfrag.dk Cc: questions@freebsd.org Subject: Re: Two Adsl routers in one routing system References: <20010123091016.15805.qmail@web11502.mail.yahoo.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG ElkVixen wrote: > > I would like to know if it's possible to install two > routers on a freebsd system, which is acting as a > router for the clients on my network. > > What I want to do is "split" the traffic from the > clients going out on to the Internet through the two > ADSL routers, so all traffic requested from the > clients via port 21 and 80 goes through one ADSL and > the rest of the traffic goes via the other router. > > Cx = Clients on the network > Rx = The ADSL routers > B = The BSD router > > 21, 80 > C1 --| |------- R1 > |--- B --| > c2 --| |------- R2 > > R1 is on ed1 > R2 is on ed0 > The network is connected via the ed1 also, but I can > put it on a seperate NIC lnc0 > > I have two seperate External IP addresses. One for > each ADSL. > > I'm using NATD and ipfw to route via one of the > routers. > Also I can change the default router, so I change > between them, but that still leaves one adsl unused. > > Is there anyway to do this? > > Kristian Hald > > ===== > Are you a "singleplayer", Being made fun of because you can not play multiplayer games. > > easyfrag.dk because we play together. > > __________________________________________________ > Do You Yahoo!? > Yahoo! Auctions - Buy the things you want at great prices. > http://auctions.yahoo.com/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message If that is the case, then may I suggest using squid? You could run natd, (or whatever you're currently running... making a general assumption here), on the interface which you want to be able to access everything from except port 80/21. Then just run squid on the other interface. This will setup a networked http/ftp cache, which will not only allow you to 'route' only http/ftp traffic, but also cache the traffic and save on bandwidth. dependant upon the installation, caching can save sometimes 30-50% of your bandwidth. I've been running a 1Gig cache here now for like almost 8months, and it's made a HUGE difference; not to mention made things a little more secure :) Of course, I suppose if you wanted just strict routing, you could still just setup some simple IPFW rules to disallow port 80/21 on one interface, and nothing but on the other. However, if by 'routing 21', you intend to allow you're LAN access to FTP sites, then you may want to do some reading up on FTP. FTP once connected, uses many ports to communicate. Nathan Vidican webmaster@wmptl.com Windsor Match Plate & Tool Ltd. http://www.wmptl.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message