Topic: PPPOE and STATIC internet connection

[Gert]

I need to use both configs at the same time. I have a pppoe internet connection and a internet-like intranet (static) and would like to use both at the same time. Both is connected to the eth1 of my sme box. i can add another NIC if need be. Any thoughts on this? (I suppose one could also use this for a redundant internet connection.)

[electroman00]

I need to use both configs at the same time. I have a pppoe internet connection and a internet-like intranet (static) and would like to use both at the same time. Both is connected to the eth1 of my sme box. i can add another NIC if need be. Any thoughts on this? (I suppose one could also use this for a redundant internet connection.)

internet-like intranet (static)

Is that a second pppoe connection or are you trying to connect another network with a different subnet?
Maybe a little more detail on that might help here.

Both is connected to the eth1 of my sme box.

Depending on what "internet-like intranet" specifically is, it may foobar your internet network connection.
Also eth1 implies your in "Gateway mode" so you need to confirm that.

What server mode are you in now "Server Only- 1NIC " or "Gateway mode- 2 NIC "??..... S or G
How many NIC's are physically installed at this moment?....1 or 2

G2 is a good answer, Gateway mode- 2 NIC

SME will support up to a max of 2 nic's.

[Gert]

Thank you for the reply, my apologies for the incomplete question.

Running Server / Gateway Mode (2 NICs).
On eth0 I have my own local network.
On eth1 I have an adsl router (pppoe connection) and another public network (static ip) connected.
The public network has an ip range of 172.16.0.0/12, My IP is 172.20.16.186 with a subnet of 255.255.255.248 and a gateway of 172.20.16.185.

On order to be connected to the internet and the public (Internet like) network I tried the following:

1. Setup the server to use pppoe in Server/Gateway Mode.
2. created a custom template for /etc/sysconfig/network-scripts/ifcfg-eth1 with:

Code: [Select]

TYPE=Ethernet
DEVICE=eth1


USERCTL=no
ONBOOT=yes
PEERDNS=no

IPV6INIT=no

BOOTPROTO=none
IPADDR=172.20.16.186
NETMASK=255.255.255.248
NETWORK=172.20.16.184
BROADCAST=172.20.16.191
3. Restarted the network

Code: [Select]

service network restart4. Then added a route for the network:

Code: [Select]

route add -net 172.16.0.0 netmask 255.240.0.0 gw 172.20.16.185 dev eth1
Now the server has perfect connection to both networks (the public one and the internet), but my local network can only access the internet and not the public network. I suspect that the public network is now configured as a second local network (which is not what I want).

[Gert]

Anyone???

[mmccarn]

It sounds like you have the network part of the problem worked out.

but my local network can only access the internet and not the public network

To help with this, we'd need more information about exactly what works or doesn't work.

If the problem is that clients using web browsers can't browse to hosts on the 172.xx.yy.zz network, you may need to customize the SME server proxy settings: http://wiki.contribs.org/Firewall#Bypass_Proxy (this seems unlikely since you say the SME server can access these hosts OK).

If the problem is that clients can access 172.xx.yy.zz hosts by IP address, but not by name, then there is a problem with your DNS configuration.  Since 172.xx.yy.zz is a "private" network, SME is unlikely to find the correct DNS entries unless you have configured a "Corporate DNS server" or have manually configured all of the required DNS entries on your SME server itself.

There is also the liklihood that the problems are iptables/masq related - by default, SME is only going to allow traffic in through your firewall that is addressed to the primary WAN IP address - all other traffic is dropped. 

You may be able to easily customize your iptables by redefining "OUTERNET" in /etc/e-smith/templates/etc/rc.d/init.d/masq/00Definitions (note: I wouldn't try to do this by resetting "ExternalIP" in the configuration database, as I think that value is used to configure the WAN NIC).  Or, you could need to rewrite major portions of the masq templates, or create custom template fragments for the second WAN IP.


The "official" (ie, most common) answer to all dual-wan questions over the years has been "SME doesn't do dual WAN or load balancing, use an external hardware solution".

You should be able to find lots of discussion about this by searching the forums for "dual wan" and "load balanc*".

The "coovachilli" contrib implements a 3rd NIC in a SME server, and may contain useful code: http://wiki.contribs.org/CoovaChilli

The easiest solution would be (in my opinion) to get another 172.xx.yy.zz IP address and use an external PPoE router for Internet connectivity, or get a dual-wan router and move both internet connections off of the SME server (either putting the SME in server only mode, or leaving the SME in server/gateway mode and using a 10.a.b.c segment to connect the SME WAN port to the dual-wan router).