Page 2 of 3
For internet connection A, as we saw in part 1 of this guide, the interface card is eth2 (it should have been eth1 for clarity, I guess, but hey ho). The address of the ADSL modem for this connection is 192.168.4.1. The IP address of the router on this range is 192.168.4.2, so we know that the range we need (for internet connection A) is 192.168.4.0/24. Finally, the public IP address of this connection is (let's say) 1.1.1.1. So let's see how this looks in terms of creating a routing table:
ip route add <ip address range> dev <ethx> scope link src <public ip address> table inboundA
ip route add default via <ip address of adsl modem> dev <ethx> table inboundA
For internet connection A:
ip route add 192.168.4.0/24 dev eth2 scope link src 1.1.1.1 table inboundA
ip route add default via 192.168.4.1 dev eth2 table inboundA
This creates a new routing table that deals specifically with inbound requests coming in on internet connection A. Now the same for B:
ip route add 192.168.5.0/24 dev eth1 scope link src 2.2.2.2 table inboundB
ip route add default via 192.168.5.1 dev eth1 table inboundB
We now have both of our inbound routing tables, and we need to define rules as to when they should be used. They are fairly simple. They basically say, if the request comes in on internet connection A, route via inboundA. If it comes in on internet connection B, route via inboundB:
ip rule add from 1.1.1.1 lookup inboundA
ip rule add from 2.2.2.2 lookup inboundB
Finally, don't forget to allow whatever service you're publishing through your firewall:
$IPTABLES -A INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
That gets things working for hosting a service on the router itself. Try it and see: start Apache if it's not started already, and (preferably using a third internet connection) try accessing a page on your web server. It should return the same page whichever public IP address you request (1.1.1.1 or 2.2.2.2).
Put these additional commands into your .sh file so they are executed when the router is rebooted. I prefer to group my routing table creation commands together based on function (e.g. commands for outbound routing in one block, and inbound routing in another), and the firewall commands together. I've written a script which (with the correct hardware) will turn your router into a dual internet connection inbound / outbound router with conditional traffic type routing enabled. It's available in Part 3.
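To confirm after a reboot that the rules and tables above are really in place for a connection, the following added example (not part of the original guide) checks the text printed by `ip rule show` and `ip route show table <name>`. The helper name `check_inbound` and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: checks that one uplink's policy routing matches the guide.
# Live use: check_inbound inboundA 1.1.1.1 eth2 192.168.4.1 \
#             "$(ip rule show)" "$(ip route show table inboundA)"

# check_inbound TABLE PUBLIC_IP DEV GATEWAY RULES ROUTES  (hypothetical helper)
# Prints one line per missing entry; returns 0 only if all three are present.
check_inbound() {
    table=$1 pub=$2 dev=$3 gw=$4 rules=$5 routes=$6
    rc=0
    # 1. Rule steering traffic sourced from the public IP into this table.
    if ! printf '%s\n' "$rules" | awk -v ip="$pub" -v t="$table" '
        { for (i = 1; i < NF; i++)
            if ($i == "from" && $(i+1) == ip && $(i+2) == "lookup" && $(i+3) == t)
                found = 1 }
        END { exit !found }'; then
        echo "missing rule: from $pub lookup $table"; rc=1
    fi
    # 2. Default route in the table via this connection's gateway and device.
    if ! printf '%s\n' "$routes" | awk -v gw="$gw" -v d="$dev" '
        $1 == "default" && $2 == "via" && $3 == gw && $4 == "dev" && $5 == d { found = 1 }
        END { exit !found }'; then
        echo "missing route: default via $gw dev $dev table $table"; rc=1
    fi
    # 3. Link route on the same device carrying the public IP as source.
    if ! printf '%s\n' "$routes" | awk -v ip="$pub" -v d="$dev" '
        $1 != "default" && $2 == "dev" && $3 == d {
            for (i = 4; i < NF; i++) if ($i == "src" && $(i+1) == ip) found = 1 }
        END { exit !found }'; then
        echo "missing route: link route on $dev with src $pub table $table"; rc=1
    fi
    return "$rc"
}

# Constructed sample output in the format printed by `ip rule show` and
# `ip route show table inboundA` (not captured from a real router).
SAMPLE_RULES='0:      from all lookup local
32764:  from 2.2.2.2 lookup inboundB
32765:  from 1.1.1.1 lookup inboundA
32766:  from all lookup main
32767:  from all lookup default'
SAMPLE_ROUTES_A='default via 192.168.4.1 dev eth2
192.168.4.0/24 dev eth2 scope link src 1.1.1.1'

check_inbound inboundA 1.1.1.1 eth2 192.168.4.1 "$SAMPLE_RULES" "$SAMPLE_ROUTES_A" \
    && echo "inboundA: ok"
```

A missing rule or default route means replies to a request that arrived on one connection can leave through the other, which is the failure this part of the guide sets out to prevent.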