Routing of services

Figure 5.13: Network - Routing of services

IPBrick allows to route the traffic relating to the several services of the network to the different output interfaces. That is, a communication server may be routing the SMTP traffic to a certain ISP router and the WEB traffic to another. The definition of gateways is made through the following fields:

• Name: The name of the new access to the internet;
• IP address: Internal router IP responsible for that access - Gateway;
• Tag in the firewall: Automatically attributed.

After defining a Destination, is necessary to add specific rules in the firewall so that the routing of services becomes a reality.

For instance, if the new Internet access (IPBrick interface eth2) aims VoIP traffic (port 5060, 5090 and after the 35000 - UDP) you have to insert the following rules in Advanced Settings - Network - Firewall - Insert:

Rule 1:

• Type: General configuration;
• Rule: POSTROUTING;
• Interface: eth2;
• Protocol: TCP;
• Module: Leave blank;
• Source IP: Leave blank;
• Origin port: Leave blank;
• Destination IP: Leave blank;
• Destination port: Leave blank;
• Identifier: Leave blank;
• Politics: SNAT;
• Value: IPBrick's IP of eth2.

Rule 2:

• Type: General configuration;
• Rule: OUTPUT;
• Interface: eth1;
• Protocol: UDP;
• Module: Leave blank;
• Source IP: IPBrick's IP of eth1;
• Origin port: Leave blank;
• Destination IP: Router IP;
• Destination port: 5060 (port to forward the new access configured for eth2 in this case).
• Identifier: -;
• Politics: MARK;
• Value: 1 (firewall tag);

Rule 3:

• Type: General configuration;
• Rule: OUTPUT;
• Interface: eth1;
• Protocol: UDP;
• Module: Leave blank
• Source IP: IPBrick's IP of eth1;
• Origin port: Leave blank;
• Destination IP: Router IP;
• Destination port: 5090 (port to forward the new access configured for eth2 in this case);
• Identifier: -;
• Politics: MARK;
• Value: 1 (firewall tag);

Rule 4:

• Type: General configuration;
• Rule: OUTPUT;
• Interface: eth1;
• Protocol: UDP;
• Module: Leave blank;
• Source IP: IPBrick's IP of eth1;
• Origin Port: Leave blank;
• Destination IP: Router IP;
• Destination Port: 35000: (port to forward the new access configured for eth2 in this case);
• Identifier: -;
• Politics: MARK;
• Value: 1 (firewall tag);