Dual WAN routing without failover and load balancing



  • I've tried a lot of configs to do that, but now I need some advice.
    I have two WANs.

    first provider (2M/sec) has:

    AS****1

    second provider (100M/sec) has:

    AS****2

    I have public IPs/24 that belong to AS1
    and public IPs/28 that belong to AS2

    LAN is using IPs from the first provider

    My problem is that I want to route traffic without load balancing and failover, something like this:

    LAN >>>> port 80, 443 to first provider (that's easy)
    LAN >>>> all hard traffic that comes from p2p to the second provider, but the problem is:

    if I'm using the public IPs that belong to the first provider I cannot access the second provider at full speed (100M/sec), only 10M/sec
    Is there a way to NAT and route a public LAN IP that belongs to the first provider into another public IP that belongs to the second provider?



  • Let me explain in another way:

    I want something like DNAT, and like this I could send some protocols to WAN 2 and at the same time change public IP1 into public IP2.
    Does someone have an idea how to start?



  • I don't see a problem here. I just see 2 firewall rules. One that uses an alias for all the ports that go out wan1 and one catch all that is sending out everything else to wan2….. unless I don't understand exactly what you are asking for  ::)



  • The problem is that with the public IP from LAN I cannot access WAN 1 because those IPs belong to WAN. What I need is to transform the public IP from LAN into another public IP for WAN 1. With firewall rules, yes, I can catch all that I need, but how do I send the desired traffic to WAN1 and at the same time change the public IP from LAN that belongs to WAN into other public IPs that belong to WAN1?
    The problem is that the providers have different AS numbers and they are rivals :D
    I need this to send all p2p protocols to WAN1 because there I have 100M/sec line speed



  • You are using public IPs from both providers on LAN??? I honestly don't understand that setup at all. Are you running dual IP configs on the LAN clients? How should the application decide which IP to use then?



  • No, I'm not using IPs from both providers

    Let me explain:
    first provider says:
    if you want a connection from me use IP xxx
    second provider says:
    if you want a connection from me use IP yyy

    first provider gives me 2M/sec
    second provider gives me 100M/sec

    my problem is that I'm using IP xxx on LAN but I want to access the second provider with IP yyy
    maybe the only solution is to use a proxy server… :(



  • So you do routing from lan to wan1? If that's the case you just need some advanced outbound nat magic to nat on wan2.



  • did not help me…:(



  • Then your outbound NAT rules are wrong. We need many more details on your setup, IP spaces and so on to find the error in the config.



  • I would use private IP addresses in LAN and let the firewall NAT automatically.

    Then use policy based routing to send traffic to the correct ISP.

    If you have the following rule it will send all traffic out to WAN2
    firewall rule: Interface: LAN    Source IP: *    Dest IP: *    Dest port: *    Gateway: WAN2

    So just make some rules above it to send traffic to WAN1 and you are done.

    If your LAN computers are accessed from outside then you need to set up NAT rules also.
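
The policy routing and WAN2 outbound NAT suggested in the replies above, written out as an added example that is not part of the original thread. It assumes a pf-based firewall; the interface names are hypothetical and the addresses are constructed documentation ranges standing in for the masked provider blocks.

```pf
# Added example, not from the thread. All values are constructed:
# em0/em1/em2 are hypothetical interfaces and the RFC 5737 ranges
# stand in for the real (masked) provider address space.
# Fragment only: a full ruleset also carries its own block policy.

wan1_if = "em0"              # first provider (owns the LAN /24)
wan2_if = "em1"              # second provider (the /28)
lan_if  = "em2"

wan1_gw = "192.0.2.1"        # next hop at the first provider
wan2_gw = "198.51.100.1"     # next hop at the second provider
lan_net = "203.0.113.0/24"   # LAN hosts numbered from the first provider's block
wan2_ip = "198.51.100.2"     # one address out of the second provider's /28

# Outbound NAT on WAN2 only: anything from the LAN that leaves through the
# second provider is rewritten to an address that provider actually routes.
# Traffic leaving through WAN1 keeps its own public source address.
nat on $wan2_if from $lan_net to any -> $wan2_ip

# Filter rules are evaluated top down and "quick" stops at the first match,
# so the specific rules sit above the catch-all.

# Traffic addressed to the firewall itself is not policy-routed.
pass in quick on $lan_if from $lan_net to $lan_if

# Web traffic (ports 80 and 443) goes out via the first provider.
pass in quick on $lan_if route-to ($wan1_if $wan1_gw) \
    proto tcp from $lan_net to any port { 80, 443 } keep state

# Catch-all: everything else is forced out via the second provider.
pass in quick on $lan_if route-to ($wan2_if $wan2_gw) \
    from $lan_net to any keep state
```

Because the source is translated to an address the second provider routes, replies come back over WAN2 and the state entry maps them to the original LAN host.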

