routing problem
Hello all. I have a routing problem.

I have a Linux machine (OpenSuSE) that acts as a gateway for the LAN and is connected to the internet using two different internet providers. I want to ping this Linux machine from the LAN and from outside, using both public IPs (even from the LAN, I have to call Linux using the external public IP and not the internal LAN IP).

Let's call:

    $IP1 = Linux IP on first provider's net
    $P1_NET = first provider's net
    $P1 = default gateway IP on first provider's net
    $IF1 = ethernet interface wired with first provider's net

I have tried these commands:

    ip route add $P1_NET dev $IF1 src $IP1 table 1
    ip route add default via $P1 table 1
    ip route add $P2_NET dev $IF2 src $IP2 table 2
    ip route add default via $P2 table 2
    ip route del default
    ip route add default via $P1
    ip rule add from $IP1 table 1
    ip rule add from $IP2 table 2

Now, if I ping $IP1 or ping $IP2 I get the correct answer from outside but not from the LAN.

If I substitute the 7th line with this line:

    ip rule add from $IP1 to 82.0.0.0/8 lookup 2

then ping works from the LAN and from outside, but obviously it works only from external IPs like 82.a.b.c. Extending this for all valid addresses I would have to write a lot of rules:

    ip rule add from $IP1 to 1.0.0.0/8 lookup 2
    ip rule add from $IP1 to 2.0.0.0/8 lookup 2
    ip rule add from $IP1 to 3.0.0.0/8 lookup 2
    ....

excluding 192.168.0.0/16, and then the same for $IP2. It seems not very good to me. :-)

Have you got any suggestion to solve the problem?
Thank you very much.
Re: routing problem
On Jul 22, 7:43 am, Alessandro Topo Galileo <toglituttofinoalpunto.ale...@email.it> wrote:

> Hello all. I have a routing problem.
> I have a Linux machine (OpenSuSE) that acts as a gateway for the LAN and
> is connected to the internet using two different internet providers.
> I want to ping this Linux machine from the LAN and from outside, using
> both public IPs (even from the LAN, I have to call Linux using the external
> public IP and not the internal LAN IP).
>
> Let's call:
> $IP1 = Linux IP on first provider's net
> $P1_NET = first provider's net
> $P1 = default gateway IP on first provider's net
> $IF1 = ethernet interface wired with first provider's net
>
> I have tried these commands:
> ip route add $P1_NET dev $IF1 src $IP1 table 1
> ip route add default via $P1 table 1
> ip route add $P2_NET dev $IF2 src $IP2 table 2
> ip route add default via $P2 table 2
> ip route del default
> ip route add default via $P1
> ip rule add from $IP1 table 1
> ip rule add from $IP2 table 2
>
> Now, if I ping $IP1 or ping $IP2 I get the correct answer from outside but
> not from the LAN.
>
> If I substitute the 7th line with this line:
> ip rule add from $IP1 to 82.0.0.0/8 lookup 2
>
> then ping works from the LAN and from outside, but obviously it works only
> from external IPs like 82.a.b.c.
> Extending this for all valid addresses I would have to write a lot of rules:
> ip rule add from $IP1 to 1.0.0.0/8 lookup 2
> ip rule add from $IP1 to 2.0.0.0/8 lookup 2
> ip rule add from $IP1 to 3.0.0.0/8 lookup 2
> ...
> excluding 192.168.0.0/16, and then the same for $IP2. It seems not
> very good to me. :-)
>
> Have you got any suggestion to solve the problem?
> Thank you very much.

Wow, that's interesting. I'm really not sure why that wouldn't work. I ran OpenSUSE at one time and I never was happy with it. I couldn't get the firewall to work the way I wanted it, and I didn't find good documentation on it. I would recommend you use FreeBSD. IPFW (FreeBSD's firewall) is a simple and straightforward (not to mention sturdy) firewall.

I've run FreeBSD before as a gateway. Nothing but amazing.

http://www.freebsd.org/doc/en/books/...alls-ipfw.html
http://www.freebsd.org/doc/en/books/...-building.html
http://www.freebsd.org/doc/en/books/...k-routing.html
http://www.freebsddiary.org/gateway.php
http://www.freebsddiary.org/ipfw.php
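Added example, not part of either post: a small Python model of the `ip rule` / per-table lookup from the question, showing which route a reply sourced from $IP1 to a LAN host selects with the posted tables, and which it selects once the LAN network is also present in tables 1 and 2. All addresses are constructed sample values, and `LAN_NET` / `IF0` are assumed names for the LAN network and LAN interface, which the thread does not name.

```python
import ipaddress as ipa

# Constructed sample values (documentation ranges); LAN_NET and IF0 are assumed names.
IP1, P1, P1_NET, IF1 = "203.0.113.10", "203.0.113.1", "203.0.113.0/24", "IF1"
IP2, P2, P2_NET, IF2 = "198.51.100.10", "198.51.100.1", "198.51.100.0/24", "IF2"
LAN_NET, IF0 = "192.168.0.0/16", "IF0"

def build(lan_in_tables):
    """Rules and tables as in the question; optionally add the LAN route to tables 1 and 2.

    The optional part models:  ip route add $LAN_NET dev $IF0 table 1   (and table 2)
    """
    tables = {
        # main: connected routes plus "ip route add default via $P1"
        "main": [(LAN_NET, IF0, None), (P1_NET, IF1, None),
                 (P2_NET, IF2, None), ("0.0.0.0/0", IF1, P1)],
        "1": [(P1_NET, IF1, None), ("0.0.0.0/0", IF1, P1)],
        "2": [(P2_NET, IF2, None), ("0.0.0.0/0", IF2, P2)],
    }
    if lan_in_tables:
        tables["1"].append((LAN_NET, IF0, None))
        tables["2"].append((LAN_NET, IF0, None))
    # Source-based rules are consulted before main (the local table is omitted:
    # the destinations modelled here are never the gateway's own addresses).
    rules = [(IP1, "1"), (IP2, "2"), (None, "main")]
    return rules, tables

def lookup(src, dst, rules, tables):
    """First matching rule whose table has a route wins; longest prefix inside a table."""
    d = ipa.ip_address(dst)
    for rule_src, table in rules:
        if rule_src not in (None, src):
            continue  # rule selector "from X" does not match this source
        hits = [r for r in tables[table] if d in ipa.ip_network(r[0])]
        if hits:
            _, dev, via = max(hits, key=lambda r: ipa.ip_network(r[0]).prefixlen)
            return table, dev, via
    return None

if __name__ == "__main__":
    lan_host = "192.168.1.50"  # constructed LAN client that pinged $IP1
    for fixed in (False, True):
        print("LAN route in tables 1/2:", fixed, "->",
              lookup(IP1, lan_host, *build(fixed)))
```

With the posted tables the reply from $IP1 to the LAN host matches the default route in table 1 and leaves via $P1; with the LAN route in the table it is delivered on the LAN interface.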