Date: Sat, 01 Jan 2011 23:29:38 -0800 From: Julian Elischer <julian@freebsd.org> To: Nima Khoramdin <nima.gooler@gmail.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: IPFW - NAT - two gateway -HELP Message-ID: <4D202962.8090209@freebsd.org> In-Reply-To: <AANLkTimVwgONiMpdvBdk5-MKQyjmeW%2BMOYubHcY8_%2BB6@mail.gmail.com> References: <AANLkTinKTWGOmK9Pu92AgCcgvVHzsh4hD0PvH_1LXRH5@mail.gmail.com> <4D1FC784.2000409@freebsd.org> <AANLkTimVwgONiMpdvBdk5-MKQyjmeW%2BMOYubHcY8_%2BB6@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 1/1/11 10:42 PM, Nima Khoramdin wrote:
> hello again
>
> ok Maybe I was wrong explain. I already have an ip address in my network is
> working with NAT ( nat to internal web server ) , i want to add another NIC
> with a new isp (IP) for backup, and new nat rule.
>
> how can i set two separated gateways on freebsd.
>
> thanx
>
so, your addresses are NOT 172... and 10.....?
Assuming you have a way to get the externally sourced packets to your
interface, then you have a couple of options.
Firstly you will need to either use two natd instances, or single
natd using tow of the new 'instance' sections.
(quoting from the natd man page...)
--------start quote-------
Options can be divided to several sections. Each
section
applies to own natd instance. This ability allows
to config-
ure one natd process for several NAT instances. The
first
instance that always exists is a "default"
instance. Each
another instance should begin with
instance instance_name
At the next should be placed a configuration
option. Exam-
ple:
# default instance
port 8668
alias_address 158.152.17.1
# second instance
instance dsl1
port 8888
alias_address 192.168.0.1
Trailing spaces and empty lines are ignored. A `#'
sign will
mark the rest of the line as a comment.
-instance instancename
This option switches command line options processing
to con-
figure instance instancename (creating it if
necessary) till
the next -instance option or end of command line.
It is eas-
ier to set up multiple instances in the
configuration file
specified with the -config option rather than on a
command
line.
--------- end quote---------
you can then use the ipfw 'fwd' command to decide which goes where
or alternatively, you can also use the new multiple routing table feature
to decide which sessions go to which gateway.
>>
>> ISP1 ISP2
>> wireless connection ADSL
>> 2mb/2mb 1mb/1mb
>> 172.16.1.1/23 10.0.0.1/23
>>
>> | |
>> | |
>> | |
>> | |
>> static static
>> 172.16.1.5 10.0.1.15
>> *aue0*******************tun0*
>> * FreeBSD *
>> *************ep0*************
>>
>> 192.168.1.254
>> |
>> |
>> *****
>> Private LAN
>> 192.168.1.0/24
>> |
>> |
>> |
>> webserver
>>
>> 192.168.1.121
>>
>>
>> how to use of this two gateways for my internal webserver with ipfw& nat
>>
>> i want to know how can i use ISP2 adsl as ISP1 ( i mean if anyone put ISP1
>> (172.16.1.5) , ISP2 (10.0.10.15) to the browser , can see my internal
>> webserver page with two separated ISPs ) not load balance . i want to use
>> two ISPs at the same time .
>>
> do you REALLY have 172.16.1.5 and 10.0.1.15 as your IP addresses?
> If so there is no way you can be reached from the outside..
> unless you have made an agreement with the ISPs to forward some address/port
> to you.
> They are doing NAT on your outgoing sessions as it is already..
>
>
>
>
> sorry for my bad explanation
>> thanx
>> _______________________________________________
>> freebsd-ipfw@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
>> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
>>
>>
> _______________________________________________
> freebsd-ipfw@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D202962.8090209>