tech-net: Re: Split traffic between two internet links?

Subject: Re: Split traffic between two internet links?
To: Fernando Diniz Hammerli <hammerli@rdc.puc-rio.br>
From: R. C. Dowdeswell <elric@mabelode.imrryr.org>
List: tech-net
Date: 03/26/2000 09:41:43

Look into ipf, in which you can set up packet filter rules which bounce
packets to arbitrary other machines:

pass in on de0 to de1:xx.yy.zz.ww from xx.xx.10.yy to any
pass in on de0 to de1:xx.yy.zz.WW from xx.xx.zz.ww to any

A few of those rules should probably do the trick.  Keep in mind that
you still want to internal net to be able to talk to the firewall/filter,
so the rules could look more like:

pass in on de0 to de1:xx.yy.zz.ww from xx.xx.10.yy to any
pass in on de0 to de1:xx.yy.zz.WW from xx.xx.zz.ww to any
pass in on de0 from any to me

On 953296565 seconds since the Beginning of the UNIX epoch
Fernando Diniz Hammerli wrote:
>
>Hi, (Sorry for my bad english)
>
>I have the following problem:
>
>I need to splt my internet traffic for two links, depending on the origin 
>address:
>(Currently I'm using a NetBSD firewall/filter)
>
>   ------------------------         ------------------------
>      INTERNET - Link 1                 INTERNET - Link 2
>   ------------------------         ------------------------
>                |                              |
>                |                              |
>                |                              | 
>                |    ---------------------     |
>                -----| FIREWALL / FILTER |------
>                     ---------------------
>                               |
>                               |
>                               |
>                               |
> _|________________|___________|_____________________________
>      |               My Internal Network                   |
>    xx.xx.zz.ww                                        xx.xx.10.yy
>
>(The links are connected via ethernet cable)
>
>I want only the packets coming from xx.xx.10.yy to be routed via link 2, 
>otherwise must be via link 1.
>
>How can I do this? 
>How can I have default gateways for both links at the routing table?
>
>Can I do this under NetBSD? (Other OS?)
>
>Thanks in advance,
>		Fernando
>
>
>-------------------------------------------------------
>Fernando Diniz Hammerli
>hammerli@rdc.puc-rio.br
>
>Pontificia Universidade Catolica do Rio de Janeiro
>Rua Marques de Sao Vicente, 225 - RDC - Sala 205
>Gavea / Rio de Janeiro / RJ - CEP: 22453-900
>Tel: (21) 529-9421
>
>

 == Roland Dowdeswell                      http://www.Imrryr.ORG/~elric/  ==
 == The Unofficial NetBSD Web Pages        http://www.Imrryr.ORG/NetBSD/  ==
 == The NetBSD Project                            http://www.NetBSD.ORG/  ==