On Monday 26 February 2007 18:43, Korey O'Dell wrote:
> Folks,
> Ive got two ISP connections that I am using with:
> ---
> ip route add 192.168.200.0/24 dev eth2 src 192.168.200.11 table connection1
> ip route add default via 192.168.200.1 table connection1
>
> ip route add x.175.244.0/24 dev eth1 src x.175.244.2 table connection2
> ip route add default via x.175.244.1 table connection2
>
> ip rule add from 192.168.200.11 table connection1
> ip rule add from x.175.244.2 table connection2
>
> echo "Enabling load balancing between ISP connections..."
> ip route add default scope global nexthop via 192.168.200.1 dev eth2
> weight 1 nexthop via x.175.244.1 dev eth1 weight 1
>
> iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to x.175.244.2
> iptables -t nat -A POSTROUTING -o eth2 -j SNAT --to 192.168.200.11
>
> ---
>
>
> The 192.168.200.x (lan) network gets to the internet via another gateway
> (192.168.200.1).
> Client machines on the 200.x network work ok except for ssh connections
> to machines on the internet hanging. It asks for a password and hangs.
> Any ideas? Thanks Korey
Yes your hit a big FAQ, read this[1][2] thread (from this same week). There
are two alternatives full solutions explained to that problem, both uses
netfilter CONNMARK.
[1]http://mailman.ds9a.nl/pipermail/lartc/2007q1/020354.html
[2]http://mailman.ds9a.nl/pipermail/lartc/2007q1/020360.html
--
Luciano
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
|