I have a web/email server with two NICs, eth0 and eth1. I want to set it up so that all WAN traffic goes through eth0 and all LAN traffic goes through eth1.
I found a number of descriptions and tutorials about policy-based IP routing, but I'm still not sure how to configure the server. Any help about what routes, rules and iptables entries I need would be helpful.
This is the network I'd like to set up:
----------------------------
! Gateway to internal LAN !
! 192.168.26.1 !
----------------------------
!
!
!
-------------------------
! eth1: 192.168.26.154 !
! Email / Webserver !
! eth0: 192.168.26.153 !
-------------------------
!
!
!
----------------
! WAN Gateway !
! 192.168.26.7 !
----------------
!
!
!
----------------
! WAN !
! any address !
----------------
It does not work that way.
Plug your WAN gateway, LAN gateway and "email/webserver" into a switch. Forget eth1 on your "email/webserver".
Assuming the WAN gateway does NAT and forwards appropriate ports to the "email/webserver", and your internal LAN is either in the 192.168.26.0/24 subnet or is NATed by the LAN gateway, you just set the default router for the "email/webserver" to be 192.168.26.7 and do fine with that. The WAN users will go via the default gateway, the local users will be handled by the implicit link-local route.
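The route selection described in the answer above, as an added example that is not part of the original thread: a small longest-prefix-match model of the server's routing table, plus a check showing why two NICs in the same subnet cannot separate LAN from WAN traffic. The /24 prefix length on the server's addresses and the destination 203.0.113.10 (a documentation address standing in for "any WAN address") are assumptions.

```python
import ipaddress

# Constructed routing table for the mail/web server after following the answer:
# one connected route for the shared subnet, one default route via the WAN gateway.
ROUTES = [
    # (destination prefix, next hop or None if directly connected, interface)
    ("192.168.26.0/24", None, "eth0"),
    ("0.0.0.0/0", "192.168.26.7", "eth0"),
]

def lookup(dst, routes=ROUTES):
    """Longest-prefix match, the way the kernel selects a route for dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, via, dev in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, via, dev)
    if best is None:
        raise LookupError(f"no route to {dst}")
    net, via, dev = best
    return {"prefix": str(net), "via": via, "dev": dev}

def overlapping_interfaces(addresses):
    """Return subnets that more than one interface is addressed in.

    addresses maps interface name -> 'ip/prefixlen'. Two interfaces in one
    subnet yield two identical connected routes, so the choice of interface
    cannot be used to tell LAN traffic from WAN traffic.
    """
    by_net = {}
    for dev, cidr in addresses.items():
        net = ipaddress.ip_interface(cidr).network
        by_net.setdefault(str(net), []).append(dev)
    return {net: sorted(devs) for net, devs in by_net.items() if len(devs) > 1}

if __name__ == "__main__":
    # LAN gateway, another local host, and an assumed WAN destination.
    for dst in ("192.168.26.1", "192.168.26.50", "203.0.113.10"):
        print(dst, lookup(dst))
    # The two-NIC layout from the question, /24 assumed on both addresses.
    print(overlapping_interfaces({"eth0": "192.168.26.153/24",
                                  "eth1": "192.168.26.154/24"}))
```

Destinations inside 192.168.26.0/24 resolve to the connected route with no next hop, and everything else resolves to the default route via 192.168.26.7, which is the behaviour the answer relies on.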