On Sat, Sep 10, 2005 at 11:57:38AM -0400, Scot L. Harris wrote:
> On Sat, 2005-09-10 at 11:15, Brent wrote:
>
> > Right.  I have the routes, but it doesn't seem to help, everything still
> > seems to head back out the cable modem.  I guess because it is the
> > default, it takes precedence over the others.
> > Brent
>
> No, the default route will be used last.  It would help if you posted
> the output from:
>
> netstat -rn
>
> This will show us the routing table on your system.  If you have other
> networks behind the one interface you will need specific routes to get
> to those via the router on that network.  Any routes that are not local
> directly connected networks or do not have a specific route entry will
> use the default route.

Which is exactly the problem.  He is getting traffic from the private if
originating from the Internet (right?).  He is getting traffic from the
public if also originating from the Internet.  Standard routing can only
differentiate on the basis of destination address.

You're in luck though!  Take a look at: http://www.lartc.org/howto/
Look at routing for multiple uplinks/providers

assuming you look like this
(10.11.12.13 is your cable modem address, public routable)
(10.11.12.1 is your gateway for the cable modem)
(192.168.0.50 is your private address)
(192.168.0.1 is your firewall private IP)
(10.11.12.15 is your firewall's public IP)

eth1 (10.11.12.13) ---> Internet
eth0 ---> 192.168.0.0/24 <--- int   firewall   ext ---> Internet
(192.168.0.50)              (192.168.0.1)    (10.11.12.15)

The following will reply to traffic on the interfaces it originated from,
and will use eth1 for new traffic.
(I used a setup like this to wean my mail/web servers off of one provider
onto another while DNS updated and propagated - zero downtime)

# create tables for each provider
echo 200 pref >> /etc/iproute2/rt_tables
echo 201 fw >> /etc/iproute2/rt_tables

# per-provider tables: connected network plus a default via that provider's gateway
ip route add 10.11.12.0/24 dev eth1 src 10.11.12.13 table pref
ip route add default via 10.11.12.1 table pref
ip route add 192.168.0.0/24 dev eth0 src 192.168.0.50 table fw
ip route add default via 192.168.0.1 table fw

# main table: both connected networks, default via the cable modem gateway
ip route add 10.11.12.0/24 dev eth1 src 10.11.12.13
ip route add 192.168.0.0/24 dev eth0 src 192.168.0.50
ip route add default via 10.11.12.1

# rules: select the table by the packet's source address
ip rule add from 10.11.12.13 table pref
ip rule add from 192.168.0.50 table fw
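
Added example, not part of the original message: a small Python model of the lookup those commands set up, where the rule list picks a table by source address and the destination match happens only inside that table. The client address 203.0.113.7, the rule priorities and the device recorded on each default route are assumptions made for illustration.

```python
import ipaddress

# Constructed model of the tables built in the message above (not host output).
# Each route is (prefix, gateway, device); the device on the default routes is
# filled in by hand here, the kernel derives it from the gateway.
TABLES = {
    "pref": [("10.11.12.0/24", None, "eth1"), ("0.0.0.0/0", "10.11.12.1", "eth1")],
    "fw": [("192.168.0.0/24", None, "eth0"), ("0.0.0.0/0", "192.168.0.1", "eth0")],
    "main": [("10.11.12.0/24", None, "eth1"), ("192.168.0.0/24", None, "eth0"),
             ("0.0.0.0/0", "10.11.12.1", "eth1")],
}

# (priority, source selector, table). Priorities are assumed typical values.
MAIN_ONLY = [(32766, "all", "main")]
RULES = [(32764, "192.168.0.50", "fw"), (32765, "10.11.12.13", "pref")] + MAIN_ONLY


def lookup(dst, src=None, rules=RULES):
    """Return (table, gateway, device) for a packet to dst.

    src=None models a new outbound connection with no source address chosen yet,
    which only matches the "all" selector.
    """
    dst_ip = ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(rules):
        if selector != "all":
            if src is None or ipaddress.ip_address(src) not in ipaddress.ip_network(selector):
                continue
        # Within one table the usual longest-prefix match on destination applies.
        hits = [r for r in TABLES[table] if dst_ip in ipaddress.ip_network(r[0])]
        if hits:
            _prefix, gateway, dev = max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
            return table, gateway, dev
    return None


if __name__ == "__main__":
    client = "203.0.113.7"  # constructed Internet client (documentation range)
    print("reply from 192.168.0.50, main table only:", lookup(client, "192.168.0.50", MAIN_ONLY))
    print("reply from 192.168.0.50, with rules:     ", lookup(client, "192.168.0.50"))
    print("reply from 10.11.12.13, with rules:      ", lookup(client, "10.11.12.13"))
    print("new connection, no source bound:         ", lookup(client))
```

On a live host, `ip rule show` and `ip route show table fw` list the rules and tables this model mirrors.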