Solved

Multiple PPP IPForwarding...

Posted on 1998-05-01
Last Modified: 2010-03-18
We are trying to set up two PPPs, to two different ISPs, one of which (ppp1) will carry all of our LAN's internet mail (smtp -25, pop3 -110) traffic, and the other (ppp0) the balance of our internet traffic (http, ftp, etc.).

The mail (ppp1) connection is full time, the "rest" (ppp0) is dial-on-demand (diald, already working fine).

We already have the "mail only" IPForwarding rules sorted, so we are looking for the "exclude mail" rules, as well as the rules to ensure that traffic is routed to the correct port.

An extra problem is that it seems that if you have ppp0, then ppp1, both are recognised, but if you only start ppp1, the system thinks it is ppp0!

We are running RH5.0, 486/66, 24Mb, 1 x NE2000 (eth0), and 2 x modems.
Question by:Spikeman050198
Accepted Solution

by: mrausch earned 100 total points
ID: 1584106
> looking for the "exclude mail" rules, as well as the rules to

I suppose with "mail only" rules, you allow connections from the
outside to port 25 on your side, and from your side to port 25
on any machine on the outside, denying the rest. When you want
to disallow mail traffic (that's what you probably mean with
"exclude mail" rules) just invert that. Deny traffic to/from
port 25 and allow all the rest.

> ensure that traffic is routed to the correct port.

Here you want a policy-based routing. Later 2.1 kernels are
able to do this, but these development kernels are probably not
something you want to use for stability reasons.
Probably the easiest way is to set up another box which carries
the dedicated mail ppp link and let your first machine forward
all mail traffic to the second one. On the first one, you now have
a default route via what was ppp1 before, and mail is forwarded
to box #2, which has a default route to what was ppp0 before.
If this second box is no choice, perhaps you can ask your ISP
to do primary MX for you, and let his mail server relay the
data to you.

Re. your last problem, you can specify the interface address
instead of the interface name in the ipfwadm rules, that is
just give "ipfwadm <thisandthat> -V address.of.ppp0.interface"
instead of "ipfwadm <thisandthat> -W ppp0"


0
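As an added illustration of the accepted answer (not code from either poster): a dry-run shell helper that prints ipfwadm forwarding rules for the non-mail link, denying the mail ports first and accepting the rest, with each rule bound to the interface address via -V instead of a name via -W. The LAN range, the interface address and the function name are constructed assumptions.

```shell
#!/bin/sh
# Added example: print (do not execute) ipfwadm forwarding rules for the
# link that must NOT carry mail. Sample values below are constructed.
LAN="192.168.1.0/24"      # assumption: the LAN behind eth0
ANY="0.0.0.0/0"

# exclude_mail_rules IFACE_ADDR ["PORTS"]
#   IFACE_ADDR  local IP address of the non-mail PPP link (used with -V)
#   PORTS       space-separated mail ports, default "25"
exclude_mail_rules() {
    addr=$1
    ports=${2:-25}
    # -V needs an address; an interface name such as ppp0 belongs to -W,
    # and the name can change depending on which link comes up first.
    case $addr in
        ''|*[!0-9.]*)
            echo "need the interface IP address, got '$addr'" >&2
            return 1 ;;
    esac
    for p in $ports; do
        # -b makes each rule match both directions.
        # LAN client <-> mail port on an outside host:
        echo "ipfwadm -F -a deny -P tcp -S $LAN -D $ANY $p -b -V $addr"
        # outside client <-> mail port on a LAN host:
        echo "ipfwadm -F -a deny -P tcp -S $LAN $p -D $ANY -b -V $addr"
    done
    # Rules are appended (-a), so the deny rules above are checked before
    # this catch-all accept for the rest of the traffic.
    echo "ipfwadm -F -a accept -S $LAN -D $ANY -b -V $addr"
}

# Demo with a constructed address; review the output before running it as root.
exclude_mail_rules 203.0.113.10 "25 110"
```
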
 

Author Comment

by:Spikeman050198
ID: 1584107
We still need a bit more information on this one...