Date:      Tue, 11 Nov 2003 10:36:09 +0100
From:      "Gorm J. Siiger" <gjs@sonnit.dk>
To:        freebsd-ipfw@freebsd.org
Subject:   ipfw FWD, NAT and routing
Message-ID:  <20031111093609.GI94551@SonnIT.DK>

Hi

I'm experimenting with a dual ISP setup using NAT, as each ISP has provided
me with a subnet of official IP addresses.

Network setup:

--------        --------
| ISP1 |        | ISP2 |
--------        --------
   |               |
   |    --------   |
   -----|  FW  |----
        --------
           |
           |
        --------
        |Server|
        --------

ISP1 LAN   : 20.0.0.0/29
ISP2 LAN   : 21.0.0.0/29
Server LAN : 10.0.0.0/24
Server IP on ISP1: 20.0.0.2
Server IP on LAN: 10.0.0.2
Server IP on ISP2: 21.0.0.2
Server IP on LAN: 10.0.0.3

The default gateway for the FW box is ISP1

I can connect to the whole world via ISP1 from the server with source IP
10.0.0.2, but when I try to connect to a host via ISP2 from source 10.0.0.3
the TCP connection is very slow, and there are a lot of retransmissions.

If I change the FW's default gateway to ISP2 it works like a charm.

Any suggestions on how to fix this problem?


/usr/local/etc/natd.conf
 use_sockets
 unregistered_only yes
 alias_address 20.0.0.6
 redirect_address 10.0.0.2 20.0.0.2
 redirect_address 10.0.0.3 21.0.0.2

/etc/rc.firewall
 ${fwcmd} add 400 divert natd all from any to any via ${isp0if}
 ${fwcmd} add 405 divert natd all from any to any via ${isp1if}
 ${fwcmd} add 505 fwd 21.0.0.0 ip from 21.0.0.0/29 to any


-- 
Gorm J. Siiger - SonnIT


