SMTP server and 2 WAN links scenario

Raice · January 9, 2007, 5:42pm

Hi!

Is it possible scenario?

I have 2 WAN links, 1 ethernet (wan1) and PPPoE (pppoe1) both with static IPs
In the local network I have SMTP Server on 192.168.1.3

I need the following:

LAN computers use pppoe1 to access Internet
SMTP Server is listeting and recieving incoming connections on both wan1 and pppoe1

I tried to do this but SMTP Server is accessible from outside only by pppoe1

My route table:

#           DST-ADDRESS         PREF-SRC          G GATEWAY         DISTANCE INTERFACE
 0 A S   80.xxx.xxx.0/24       217.xxx.xxx.18   r  217.xxx.xxx.17                    wan1     
 1 ADC 192.168.1.0/24         192.168.1.2                                                          lan1 
 2 ADC 192.168.2.0/24         192.168.2.1                                                          wan2     
 3 ADC 195.xxx.xxx.227/32 87.xxx.xxx.200                                                    pppoe1 
 4 A S  217.xxx.xxx.0/24       217.xxx.xxx.18   r 217.xxx.xxx.17                    wan1     
 5 ADC 217.xxx.xxx.16/28    217.xxx.xxx.18                                                   wan1     
 6 A S  217.xxx.xxx.0/24       217.xxx.xxx.18   r 217.xxx.xxx.17                    wan1     
 7 A S  217.xxx.xxx.0/24       217.xxx.xxx.18   r 217.xxx.xxx.17                    wan1     
 8 A S  0.0.0.0/0                     87.xxx.xxx.200   r 195.xxx.xxx.227                  pppoe1

NAT rules:

1   ;;; SMTP Server (pppoe1)
     chain=dstnat dst-address=87.xxx.xxx.200 protocol=tcp dst-port=25 
     action=dst-nat to-addresses=192.168.1.3 to-ports=25 

 2   ;;; SMTP Server (wan1)
     chain=dstnat dst-address=217.xxx.xxx.18 protocol=tcp dst-port=25 
     action=dst-nat to-addresses=192.168.1.3 to-ports=25

SMTP is accessible only from 87.xxx.xxx.200

How can I fix it?

P.S.
192.168.1.0/24 - LAN (ether1)
192.168.2.0/24 - ADSL Modem connected to this network (ether2)

Raice · January 10, 2007, 2:33pm

Access for LAN computers

 3   ;;; Access to wan1
     chain=srcnat out-interface=wan1 src-address=192.168.1.0/24 routing-mark=routewan1 action=masquerade 

 4   ;;; Access to ADSL modem
     chain=srcnat out-interface=wan2 src-address=192.168.1.0/24 dst-address=192.168.2.0/24 action=masquerade 

 5   ;;; Access to pppoe1
     chain=srcnat out-interface=krasnet0 src-address=192.168.1.0/24 action=masquerade

Raice · January 12, 2007, 1:31pm

Anybody knows?

galaxynet · January 14, 2007, 1:20pm

Not to be cryptic but - I didn’t see any incoming packet marking in your rules listed above…

Typically, in a case like yours, you would want to mark the incoming connections and packets FROM your two different providers otherwise, and it looks like this is what is happening, the router just picks a route to answer the incoming connetion on…

You may really want to study the loadbalancing docs or take a look at the ones about load balancing on the wiki pages.

Thom