[Shorewall-users] 2 internet ip numbers on eth0

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

I am migrating from one ISP to another, and would like to run both
simultaneously for a while.

So:
	(both netmask 255.255.255.248)
[ISP1] 24.106.62.180	[ISP2] 209.181.237.230
		|				|
		|				|
		\				/
		 -----[    HUB	]-----
				|
				|
		 -------- eth0 ---------
		|	Linux FW/Server	|
		 ---------eth1 ---------
				|
				|
			[    HUB	]
				|
			10.0.0.x/255.255.255.0

The default IP on eth0 in my RedHat 7.2 box is ISP1 and it's default =
route
to ISP1's gateway.

I am getting rid of ISP2 in the future. Until then, I want to either =
forward
all request coming in on ISP2 to ISP1 so all ISP1 firewall rules will =
apply,
or just maintain separate rules for them, whichever is easier.

So both internet ip's are on eth0, and I tried manually setting ISP2 as =
an
alias for ISP1, giving me eth0 and eth0:0 under ifconfig. This allows me =
to
ping both ip's from my FW, but only ISP1 is pingable from the internet. =
All
this is without shorewall active (shorewall clear). So I assume it is a
routing issue, where requests coming in on ISP2 try to go back out via
ISP1's default route.

How do I do this, using net and loc zones, where net is ISP1 and ISP2. =
And
can shorewall automatically add the routes necessary, if so, how, if =
not,
how do I do this manually?

I am using shorewall version 1.3.14, iptables 1.2.6a

I have spent a week reading docs and about routing, but am too much of a
rookie to figure this out. So I am hoping someone can help me out more =
than
referencing to more docs I don't understand.

Please try to reply or CC to my shorewall at incisoft dot com e-mail =
address
as I am not sure if my subscription to the mailing list is in working.

Fonz