blazter n00b

Joined: 07 Jul 2004 Posts: 6
Posted: Wed Jul 07, 2004 1:11 am Post subject: Help! Two different gateways on the same machine...
Hi there people. I'm facing a very difficult problem.
I've set up a Gentoo Linux box with 2 ethernet cards. This machine should be a firewall and internet router.
I've 2 different types of internet connection attached to this PC:
1. an Efficient Networks modem on a switch doing NAT. This modem is accessed by the machine through a gateway address.
2. a direct IP connection to the internet. This is an internet connection that's up, giving the ethernet card the right IP and gateway.
So this is the configuration:
Internet <-> NAT Modem <-> Switch <-> gentoo box pointing to the modem gateway for internet access.
Internet <-> Ethernet Card configured with a valid ip on the internet
The ethernet cards' configuration:
Eth0:
ip: 10.0.0.100 (local ip)
gateway: 10.0.0.138 (modem)
Eth1:
ip: 200.0.0.100 (a valid ip on the internet)
ip: 200.3.123.123 (the gateway used for internet access through this interface)
I need to use the 2 ethernet cards to route the internet access.
I'm using iptables, and the configuration is all right; the problem is that Gentoo is using the default gateway 10.0.0.138 for internet access no matter what rule I set with iptables.
When the gateway is set to 10.0.0.138 (modem), all internet connections are routed through eth0, but eth1 doesn't work right.
Although when I set 200.3.123.123 (direct IP access) as the default gateway, the internet access is routed to the eth1 interface.
I need some way to set a gateway for eth0 and a gateway for eth1, then things will work.
I've searched the internet, but no answers for this question have been found.
Thanks, and sorry for the long text.
tuxmin l33t


Joined: 24 Apr 2004 Posts: 838 Location: Heidelberg
Posted: Wed Jul 07, 2004 4:29 am Post subject: Re: Help! Two different gateways on the same machine...
blazter wrote:
I'm using iptables, and the configuration is all right; the problem is that Gentoo is using the default gateway 10.0.0.138 for internet access no matter what rule I set with iptables.

Of course not -- iptables is not about routing! Use /sbin/route
blazter wrote:
I need some way to set a gateway for eth0 and a gateway for eth1, then things will work.
I've searched the internet, but no answers for this question have been found.

You simply can't have two default gateways. That's why it's called *default* ;P
You will have to set routes for every single net through the interface of your choice; anything else will go through the default route.
Hth, Alex!!! _________________ ALT-F4
blazter n00b

Joined: 07 Jul 2004 Posts: 6
Posted: Wed Jul 07, 2004 3:44 pm Post subject:
Yes, I can have a default gateway for each interface. Even Windows can do it. The problem is that Linux always makes things difficult!
Any solution!?
nobspangle Veteran


Joined: 23 Mar 2004 Posts: 1318 Location: Manchester, UK
Posted: Wed Jul 07, 2004 4:57 pm Post subject:
You can't have more than 1 default gateway, even on a Windows machine. Here is the routing table for a Windows machine on which I have tried to set two default gateways.
Code:
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.15 20
0.0.0.0 0.0.0.0 192.168.1.5 192.168.1.1 30
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.15 192.168.0.15 20
192.168.0.15 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.15 192.168.0.15 20
192.168.1.0 255.255.255.0 192.168.1.1 192.168.1.1 30
192.168.1.1 255.255.255.255 127.0.0.1 127.0.0.1 30
192.168.1.255 255.255.255.255 192.168.1.1 192.168.1.1 30
224.0.0.0 240.0.0.0 192.168.0.15 192.168.0.15 20
224.0.0.0 240.0.0.0 192.168.1.1 192.168.1.1 30
255.255.255.255 255.255.255.255 192.168.0.15 192.168.0.15 1
255.255.255.255 255.255.255.255 192.168.1.1 192.168.1.1 1
Default Gateway: 192.168.0.1
===========================================================================
You will notice there is only one default gateway. There are also two routes to 0.0.0.0, but trust me, Windows will only use the first one (the default).
Maybe if you explained a little of the background about why you need a computer with 2 Internet connections, we can offer you a solution.
Storm666 n00b

Joined: 21 Jun 2004 Posts: 3
Posted: Wed Jul 07, 2004 6:54 pm Post subject:
blazter, you may have a gateway per interface, but the concept of a default gateway is to tell your computer what to do when no route matches the actual destination; then the machine tries to speak with the default gateway, expecting a response...
Like Nobspangle said, tell us why you need to use those 2 interfaces to be connected to the net and maybe we will be able to help you. _________________ Never underestimate the power of stupid people in large group...
think4urs11 Bodhisattva


Joined: 25 Jun 2003 Posts: 6659 Location: above the cloud
Posted: Wed Jul 07, 2004 7:35 pm Post subject:
Hi!
From what I understood, you want to use one internet for some sort of internet traffic and the other one for some other kind, correct?
That's called policy or source based routing. As the name implies, the routing decision is no longer taken purely by destination address. You can additionally use source IP, port number and other things.
You want to read something about advanced routing, e.g.
http://snafu.freedom.org/linux2.2/docs/advanced-routing/
or
http://lartc.org/howto/
and you want to emerge iproute2
HTH
T. _________________ Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself
splooge l33t

Joined: 30 Aug 2002 Posts: 636
Posted: Wed Jul 07, 2004 8:24 pm Post subject:
"Default Gateway" is a misleading term. Think of it as the "Gateway of last resort."
E.g.: When all routing matches fail, where does it send the packet?
You really can't have more than one last resort, and that's basically what the default gateway is. _________________ http://get.a.clue.de
blazter n00b

Joined: 07 Jul 2004 Posts: 6
Posted: Thu Jul 08, 2004 2:19 am Post subject:
Here is what I want to do:
All internet traffic that comes from eth1 must return to eth1.
eth1 is the direct IP access interface, and I'm running a daemon behind the router. The problem is that, when the client machines connect through the eth1 interface, the server daemon response is routed back through the eth0 interface (modem), and the communication fails.
This occurs because eth0 has the default gateway. I can't set the default gateway for eth1, because all internet traffic used by the employees must use the modem connection, eth0.
That's my problem.
kashani Advocate


Joined: 02 Sep 2002 Posts: 2032 Location: San Francisco
Posted: Thu Jul 08, 2004 5:12 am Post subject:
Argh! This is approaching the mythic status of T1's not being full duplex.
1. You can have as many default routes as you feel like typing. Default route in OS speak means gateway of last resort in the routing world. Go ahead, type route add default gw ip.add.re.ss in a few times with different addresses. Then type netstat -rn to see them all.
2. Generally what you want to do is called policy routing. You make a policy and then route according to it. You decide which route you wanted based on destination and source with a few ACLs on a Cisco.
3. If you set two default gateways, Linux will alternate between them. Usually an OS will use the local interface gateway by default unless you've got metrics set like splooge's example. Of course it uses the first, as the metric is 20 and the other was 30.
You haven't explained how you want things to work though. Something like:
1. users on x IP space need to go to eth0
2. users on y IP space need to go to eth1
3. x users will be natted behind x1 IP address
4. y users will not be natted.
and so on.
I've never done policy routing in Linux, but this link might get you started. Assuming this is what you want to do. You're less than clear in your posts.
http://www.unixreview.com/documents/s=1350/urm0006d/
kashani _________________ Will personally fix your server in exchange for motorcycle related shop tools in good shape.
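Added example, not part of any post in this thread: the policy routing that think4urs11 and kashani point to, written out with iproute2 for the addresses blazter posted, so that traffic answering connections that came in on eth1 leaves through eth1 while everything else keeps the modem as default. It goes beyond the thread by also covering a daemon on a LAN host reached through DNAT; the table id 101, the mark 0x1, the use of eth0 as the LAN side and all function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. It only prints the commands; nothing is
# applied until the output has been reviewed and fed to a root shell.
# Addresses are the ones blazter posted; TABLE and MARK are assumed free values.
WAN_IF=eth1; WAN_IP=200.0.0.100; WAN_GW=200.3.123.123
LAN_IF=eth0; TABLE=101; MARK=0x1

# Second routing table whose only route is a default via the eth1 gateway.
# The main table keeps its default via 10.0.0.138 for everything else.
wan_table_cmds() {   # $1=wan if  $2=wan gateway  $3=table id
    printf 'ip route add default via %s dev %s table %s\n' "$2" "$1" "$3"
}

# Case A: the daemon listens on the router's own eth1 address. Its replies
# carry that source address, so a source rule selects the second table.
src_rule_cmds() {    # $1=local wan ip  $2=table id
    printf 'ip rule add from %s lookup %s\n' "$1" "$2"
}

# Case B: the daemon is on a LAN host reached by DNAT. Reply packets still
# have the LAN source address when the routing decision is made, so mark the
# connection when it arrives on eth1 and restore the mark on its replies.
mark_rule_cmds() {   # $1=wan if  $2=lan if  $3=mark  $4=table id
    printf 'iptables -t mangle -A PREROUTING -i %s -m conntrack --ctstate NEW -j CONNMARK --set-mark %s\n' "$1" "$3"
    printf 'iptables -t mangle -A PREROUTING -i %s -j CONNMARK --restore-mark\n' "$2"
    printf 'ip rule add fwmark %s lookup %s\n' "$3" "$4"
}

plan() {             # full command list for the thread's addresses
    wan_table_cmds "$WAN_IF" "$WAN_GW" "$TABLE"
    src_rule_cmds "$WAN_IP" "$TABLE"
    mark_rule_cmds "$WAN_IF" "$LAN_IF" "$MARK" "$TABLE"
}

plan
```

If connections through eth1 still fail, check `rp_filter` on eth1: strict reverse-path filtering validates a packet's source against the routing tables and can drop inbound traffic on an interface that does not hold the main default route.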