From owner-freebsd-questions@FreeBSD.ORG Tue Dec 27 06:12:32 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C234216A41F for ; Tue, 27 Dec 2005 06:12:32 +0000 (GMT) (envelope-from tedm@toybox.placo.com) Received: from mail.freebsd-corp-net-guide.com (mail.web-strider.com [65.75.192.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 338FC43D58 for ; Tue, 27 Dec 2005 06:12:32 +0000 (GMT) (envelope-from tedm@toybox.placo.com) Received: from tedwin2k (nat-rtr.freebsd-corp-net-guide.com [65.75.197.130]) by mail.freebsd-corp-net-guide.com (8.11.1/8.11.1) with SMTP id jBR6FlP81172; Mon, 26 Dec 2005 22:15:48 -0800 (PST) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: , "Loren M. Lang" Date: Mon, 26 Dec 2005 22:12:26 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506 In-Reply-To: <20051226155759.16443.qmail@web33304.mail.mud.yahoo.com> Importance: Normal Cc: Yance Kowara , freebsd-questions@freebsd.org Subject: RE: FreeBSD router two DSL connections X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Dec 2005 06:12:32 -0000 >-----Original Message----- >From: Danial Thom [mailto:danial_thom@yahoo.com] >Sent: Monday, December 26, 2005 7:58 AM >To: Ted Mittelstaedt; Loren M. Lang >Cc: Yance Kowara; freebsd-questions@freebsd.org >Subject: RE: FreeBSD router two DSL connections > > > >You're not using illegal addresses when you load >balance, Ted. You're using real address that all >of your upstream ISPs need to know about. Why >can't you grasp this concept? > So you finally figured it out, Danial. These "get one DSL line from one ISP and a cable line from another ISP" schemes will not work precisely because while the upstream ISP's need to know about your real addresses, they don't. ISP A that you have a DSL line to and assigns you 10.0.0.1 as an IP number is expecting traffic to come from you with a destination IP number of anywhere on the Internet, and a source IP number of 10.0.0.1 ISP B that you have a cable line to and assigns you 192.168.0.1 as an IP number is expecting traffic to come from you with a destination IP number of anywhere on the Internet, and a source IP number of 192.168.0.1 If you use 10.0.0.1 as a source IP for a packet that you send to ISP B, then ISP B's ingress filters will not see this packet with a source IP of 192.168.0.1, and assume it's bogus, and drop it. If you use 192.168.0.1 as a source IP for a packet that you send to ISP A, then ISP A's ingress filters will not see this packet with a source IP of 10.0.0.1, and assume it's bogus, and drop it. Very simple concept for anyone to grasp. Ted