David, thanks for your insight on proxy arp. I have however given this up
for now, and will explore other options.
> > Hi David
> > Thanks a whole lot for answering! :-)
> > 126.96.36.199 is the default gateway, it's a preconfigured router
> > to
> > us from our ISP. There are no services that we need on it.
> > eth1 is used for our second internet connection, our 'backup
> > its
> > got an ip like 188.8.131.52
> > I have configured iptables to do dnat to some of our hosts on eth0. To
> > this work i had to read some of the adv routing howto, esp chapter 4.
> > eth0 is our internal network, on ip 184.108.40.206
> > eth2 is our internal network, on ip 220.127.116.11
> > I have not configured load balancing, all outbound traffic should go
> > eth2 if the connection is alive. Only if the connection dies should
> > traffic be sent through eth1.
> > So let me see if i understand:
> > - I turn on proxy arp for eth0
> > - eth2 should be configured like this (ifcfg-eth2):
> > DEVICE=eth2
> > BOOTPROTO=static
> > IPADDR=18.104.22.168
> > NETMASK=255.255.255.255
> > BROADCAST=22.214.171.124
> > ONBOOT=yes
> > And these entries are correct (from 'route') ?
> > Destination Gateway Genmask Flags Metric Ref Use
> > Iface
> > 126.96.36.199 * 255.255.255.255 UH 0 0 0
> > default 188.8.131.52 0.0.0.0 UG 0 0 0
> > I tried the ifcfg settings above, and at least I'm able to ping
> > 184.108.40.206
> > through eth2. The route settings are the same as I always had..
> > You said that "eth0 should answer arp requests for anything on its other
> > interfaces", and I'm a bit confused. I only need it to answer for
> > 220.127.116.11. What hosts can be considered 'on its other interfaces'?
> > I will read up on proxy_arp, and see if it lets me do what i want it to,
> > then
> > experiment some more later. This seems promising! :-)
> It is hard to be specific without knowing what networks are on your
> various interfaces. And I am not sure how proxy_arp works if you have a
> 3rd interface that needs to be masqueraded. I currently have a
> configuration like this:
> PPPoE(eth1)-Linux1-eth0-----eth0-Linux2-eth1-----WAP wireless-laptop
> Linux1 does firewall/masq
> proxy_arp is enabled for eth0 of Linux2
> eth1 of Linux2 is 255.255.255.248 subnet of main LAN 255.255.255.0 subnet.
> In your case you have:
> eth0-----alternate gw
> With proxy_arp enabled on eth0, it would answer for IPs on eth2, and you
> should not have any traffic destined for the internet coming in through
> eth0, so it should work. You need to masquerade anything going out eth1.
> Not sure if you need to masq eth0 (depends whether eth0 and eth2 are
> public IPs).
> >> Set eth0 to any IP other than 18.104.22.168
> >> Set up eth2 with any other 123.123.123.x IP netmask 255.255.255.255
> >> broadcast (same as IP). Same host and default routes to 22.214.171.124
> >> dev eth2.
> >> echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp.
> >> Then eth0 should answer arp requests for anything on its other
> >> (including 126.96.36.199). However, you have not said what is on eth1,
> >> maybe you need to read the Adv-Routing HOWTO instead of using proxy_arp
> >> (if you are doing something like load balancing or fallback between
> >> eth2 for internet connections).
> >> If 188.8.131.52 represents a public IP, you likely also need to do
> >> sort of masquerading.
> David Efflandt - All spam ignored http://www.de-srv.com/