Hello all,
this is my first post here, so sorry if i`m wrong with something.
I`m tring to search about this problem but without success.
I have astaro 220 v8.301 and i try to configured it with 2 ISP with load balancing.
I have 2 interfaces for ISP and 1 for internal network (staff)
In Interfaces -> Uplink balancing i have add 2 ISP interfaces
and the multipath rules look like :
source : internal interface (staff) , service : Any , Destination : Any , Itf. Persistence : by Source/Destination.
In NAT in masquerading ,I have the follow rule :
Staff (network (internal network)) -> Uplink Interfaces
and that`s all. Now the problem is if a astaro give me IP from the first ISP, we have no problem,everything work great , but if astaro give me IP from second ISP sometimes i can`t open web page. But if i download torrent for example i have high i-net speed that certainly is a combination of both ISP. So i contact the ISP and he told me something very stange. Obviously i have something address that is not masqueraded and some internal IP`s go out without masquerading.
This is log from ISP
tcpdump -i eth1.1000 -nvep ether host 00:1a:8c:15:52:d3 and ! host
94.26.104.98
tcpdump: listening on eth1.1000, link-type EN10MB (Ethernet), capture size
65535 bytes
08:10:19.203263 00:1a:8c:15:52:d3 > 00:25:90:51:9e:3f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 127, id 13081, offset 0, flags [DF], proto TCP (6), length 40)
192.168.50.68.56478 > 94.127.76.140.80: Flags [F.], cksum 0xc635 (correct), seq 4271207222, ack 3474714021, win 16425, length 0
08:10:19.509113 00:1a:8c:15:52:d3 > 00:25:90:51:9e:3f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 127, id 13089, offset 0, flags [DF], proto TCP (6), length 40)
192.168.50.68.56478 > 94.127.76.140.80: Flags [F.], cksum 0xc635 (correct), seq 0, ack 1, win 16425, length 0
08:10:20.100725 00:1a:8c:15:52:d3 > 00:25:90:51:9e:3f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 127, id 13092, offset 0, flags [DF], proto TCP (6), length 40)
192.168.50.68.56478 > 94.127.76.140.80: Flags [F.], cksum 0xc635 (correct), seq 0, ack 1, win 16425, length 0
08:10:21.124438 00:1a:8c:15:52:d3 > 00:25:90:51:9e:3f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 127, id 25411, offset 0, flags [DF], proto TCP (6), length 40)
So the strange thing is i don`t have any problem with first ISP.
Any ideas ?
this is my first post here, so sorry if i`m wrong with something.
I`m tring to search about this problem but without success.
I have astaro 220 v8.301 and i try to configured it with 2 ISP with load balancing.
I have 2 interfaces for ISP and 1 for internal network (staff)
In Interfaces -> Uplink balancing i have add 2 ISP interfaces
and the multipath rules look like :
source : internal interface (staff) , service : Any , Destination : Any , Itf. Persistence : by Source/Destination.
In NAT in masquerading ,I have the follow rule :
Staff (network (internal network)) -> Uplink Interfaces
and that`s all. Now the problem is if a astaro give me IP from the first ISP, we have no problem,everything work great , but if astaro give me IP from second ISP sometimes i can`t open web page. But if i download torrent for example i have high i-net speed that certainly is a combination of both ISP. So i contact the ISP and he told me something very stange. Obviously i have something address that is not masqueraded and some internal IP`s go out without masquerading.
This is log from ISP
tcpdump -i eth1.1000 -nvep ether host 00:1a:8c:15:52:d3 and ! host
94.26.104.98
tcpdump: listening on eth1.1000, link-type EN10MB (Ethernet), capture size
65535 bytes
08:10:19.203263 00:1a:8c:15:52:d3 > 00:25:90:51:9e:3f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 127, id 13081, offset 0, flags [DF], proto TCP (6), length 40)
192.168.50.68.56478 > 94.127.76.140.80: Flags [F.], cksum 0xc635 (correct), seq 4271207222, ack 3474714021, win 16425, length 0
08:10:19.509113 00:1a:8c:15:52:d3 > 00:25:90:51:9e:3f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 127, id 13089, offset 0, flags [DF], proto TCP (6), length 40)
192.168.50.68.56478 > 94.127.76.140.80: Flags [F.], cksum 0xc635 (correct), seq 0, ack 1, win 16425, length 0
08:10:20.100725 00:1a:8c:15:52:d3 > 00:25:90:51:9e:3f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 127, id 13092, offset 0, flags [DF], proto TCP (6), length 40)
192.168.50.68.56478 > 94.127.76.140.80: Flags [F.], cksum 0xc635 (correct), seq 0, ack 1, win 16425, length 0
08:10:21.124438 00:1a:8c:15:52:d3 > 00:25:90:51:9e:3f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 127, id 25411, offset 0, flags [DF], proto TCP (6), length 40)
So the strange thing is i don`t have any problem with first ISP.
Any ideas ?