|
Page 1 of 2 Part 1 : Routing over two Internet connections with Linux
Part 2 : Inbound routing with two internet connections
In part 2 of "Inbound and outbound routing with two internet connections" I promised I would upload the script that makes the whole thing possible. So finally, here it is!
Now, If I was reading this I would think "Hey! sod reading all that crap about how it works! why dont I just download this script and hey presto!" and who can blame? But I really do recommend you read them (of course Im going to say that, I wrote them!) but in order to understand what the script does, and why, you really need to read both parts. I put the script together myself, admitedly with a lot of help from this page. but ultimately, there's nothing better for understanding a subject that sitting down getting your head around it. So download and enjoy! A few things to remember:
- IP addresses in the script have been changed to protect the innocent.
- The script also starts the openswan ipsec server on the router - which I havent really mentioned in either article (Sorry!)
- Alot of the ip rules and routes are added using a function which first checks to see if the rule or route already exists. This means that the Script settings can be changed and run again without having to reboot
- All of the functions Ive mentioned are near the top of the script
- All of the variables you'll need to change are at the very top of the script
- Ive commented fairly well to make it easier to follow
- Thats it.
Enough of my ramblings! Here it is
A bit more
One of the features of IPtables is that it allows dynamic insertion and deletion of rules without having to reload it. So lets say (as happened to me last week) Internet connection B goes down. (Either in part or in whole) and all http traffic (80) is going out via this connection (B) we have two choices:
- Load up our router script and change the routetraffic commands to route http traffic over A and reload the script, this will of course disconnect anyone who has any other connection open and still functioning over internet connection B (shouty telephone conversations ensue)
- Change the rules dynamically to route http traffic over internet connection A, maintaining the existing connections which already exist on A, and generally contribute to a more peacful work environment
I consider myself more of a pacifist, so I think the second one is the best. How can we do this? Well a small amount of routing in the IPTABLES manual gave the answer (fairly obvious to you IPTABLES experts out there I imagine).
Lets have a look at the commands we'll use....
|
Linux stuff 
Check out the 10 mile round trip I had to do to login into a site that was asking for a username and password 
| 
| 
