FreeBSD router two DSL connections
Ted Mittelstaedt
tedm at toybox.placo.com
Mon Dec 26 22:12:32 PST 2005
>-----Original Message-----
>From: Danial Thom [mailto:danial_thom at yahoo.com]
>Sent: Monday, December 26, 2005 7:58 AM
>To: Ted Mittelstaedt; Loren M. Lang
>Cc: Yance Kowara; freebsd-questions at freebsd.org
>Subject: RE: FreeBSD router two DSL connections
>
>
>
>You're not using illegal addresses when you load
>balance, Ted. You're using real address that all
>of your upstream ISPs need to know about. Why
>can't you grasp this concept?
>
So you finally figured it out, Danial.
These "get one DSL line from one ISP and a cable
line from another ISP" schemes will not work precisely
because while the upstream ISP's need to know about your
real addresses, they don't.
ISP A that you have a DSL line to and assigns you
10.0.0.1 as an IP number is expecting traffic to come
from you with a destination IP number of anywhere on the
Internet, and a source IP number of 10.0.0.1
ISP B that you have a cable line to and assigns you
192.168.0.1 as an IP number is expecting traffic to come
from you with a destination IP number of anywhere on the
Internet, and a source IP number of 192.168.0.1
If you use 10.0.0.1 as a source IP for a packet that you
send to ISP B, then ISP B's ingress filters will not
see this packet with a source IP of 192.168.0.1, and assume
it's bogus, and drop it.
If you use 192.168.0.1 as a source IP for a packet that you
send to ISP A, then ISP A's ingress filters will not
see this packet with a source IP of 10.0.0.1, and assume
it's bogus, and drop it.
Very simple concept for anyone to grasp.
Ted
More information about the freebsd-questions
mailing list