Help - Search - Members - Calendar
Full Version: Ipcop
Linuxhelp > Support > Technical Support
opsman
Hi,

I am using ipcop on a 64k isdn line and I want to use another ipcop machine on the second channel of the isdn line. Can I configure ipcop to force each machine to use their own isdn channel? I can't bond the two channels as the isp does not support 128k plus I may wish to use two different isp's. Any advice would be appreciated. cool.gif
hughesjr
I assume that you mean you are using the IPCop firewall to connect to your ISDN modem via an ethernet card....I also assume you have a network of other computers on your side of the firewall that you are going to try to have go out the 2 lines...and that you are using an internal network number (192.168.x.x, 10.x.x.x, or 172.16.x.x) on the inside machines.

If I am correct in my assumptions ... you can probably add the second line by adding another network card to your firewall machine ... and not need a whole other machine (see Adding a 2nd Red Interface. The configuration would be 2 real IP addresses on the internet side (on seperate cards) and 1 card on the inside. The programing of rules will get complicated though, because in order to make traffic go out seperate interfaces, you will have to set up a way to manually split your traffic (reguardless of if you have 2 machines or 1) .

The easiest way to do this is to have 2 internal networks, for example 192.168.0.0 and 192.168.1.0. Split the IPs of the internal machines so half your bandwidth (on average) is on each network ... the IPCop internal card will need 2 IP addresses (one on each network ... like 192.168.0.1 and 192.168.1.1) ... the setup of IPCop would then be open everything between the 2 internal networks and allow routing from 192.168.0.0 and 192.168.1.0 ... route all outbound traffic from 192.168.0.1 out red port 1 and all outbound traffic from 192.168.1.1 out red port 2...

You would also ahve to manually set all the internal IPs.
opsman
Yes,

I have an ipcop machine as a firewall on my network which currently dials up on isdn at 64k. I want a separate ipcop machine with another squid cache to also dial up on isdn but on the other channel, basically I am spreading my backhaul across a variety of providers, also using a 56k dial up and one way satellite. Hope this makes it a little clearer and perhaps you can help again, I want to force the two ipcop machines to use channel 1 and channel 2 , one channel allocated to one machine.

Thanks for your help, good response from my first post! biggrin.gif
hughesjr
I have no experience with ISDN dial-up ... only permanently conencted networks. I also don't specifically know IPCop ... but I do know IPCHAINS / IPTABLES.

But if you want one cache, then I think it would be better to do this on one machine ... how does the ISDN modem connect to your linux box ...

Will there be a second modem provided by the service provider?

I can help with the inside network design, but not the ISDN dialup....
opsman
Ok,

One ipcop machine has an internal PCI TA to dial up the ISDN, a second uses an external modem to dial up on a 56k line and another is connected to a one way satellite. I intend to duplicate the ISDN ipcop machine but as I said before, force it to use a specific ISDN channel and the other one to do the same on the other channel. Cache is working great, each ipcop machine has a substantial cache as does my internal cache server. Maybe I should post to the IPCOP pages, but I haven't seen anyone else try and do this. We don't have ADSL where I am and leased lined are pricey so hence the use of ISDN, sat and dial-up. Thanks again for you help, I'll let you know if I get this fixed. cool.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.