It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X

How to configure policy-routing for multi-provider useage

  • Type: Knowledgebase
  • Date changed: one year ago
Solution #00005300

 
Scope:
This solution replies to:
- NG Firewall firmware versions 4.2.x, 5.0.x, 5.2.x
- netfence firmware versions 4.2.x, 5.0.x

 
Symptoms:

If you want to use more than one provider for your internet connection, you have to configure policy-routing to split up the traffice through both providers.


 
Solution:

In this example we have following settings given by the provider.

 

Provider A
    IP: 212.213.214.1/24
    GW: 212.213.214.254

Provider B
    IP: 212.213.215.1/24
    GW: 212.213.215.254    


 

The following settings will be done in "Config" > "Box" > "Network" > "Network Routes" > "Main Routing Table"

1) Set up the direct route for Provider A on port1

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

2) Set up gateway route for Provider A with route preference 100


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

3) Set up the direct route for Provider B on port2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

 


4) Set up gateway route for Provider B with route preference 200


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


The following settings will be done in "Config" > "Box" > "Network" > "Network Routes" > "Policy Based Routing"

1) Set up a policy route for Provider A with the source net 212.213.214.0/24 (given by the provider) placed as postmain

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

2) Insert a default route in the Provider A policy route without a route preference


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

 


3) Set up a policy route for Provider B with the source net 212.213.215.0/24 (given by the provider) placed as postmain

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 



4) Insert a default route in the Provider B policy route without a route preference

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

 

 

The Network Routes must look now look like this....

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 



 

 

 

 

 

 

 

 

 

 

 

 

 

Now "Send Changes" & "Activate" this configuration. Now you may use Provider A and Provider B concurrently. For forwarding traffic you have only to set the specified IP from Provider A or Provider B in the forwarding firewall rule als Connection Type    

 


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

 

 


If you use one or more dynamic networks like DSL for your internet connection you may create the default route directly in the dynamic network configuration dialog. This shows the DSL network configuration in "Config" > "Box" > "Network" > "xDSL/ISDN/DHCP" dialog for example.

            

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Note:
For dynamic links like xDSL,DHCP,ISDN or UMTS you must not create a policy route manually. Set the parameter "Own Routing Table" to "yes" in the configuration of each dynamic link to create automatically a policy table. Also the parameter "Clone Routes" has to be set to "yes" to create a default-route not only in your policy table but also in your default-table.

 

 

 

 

 

 

 

 

 

Link to This Page:
https://campus.barracuda.com/solution/50160000000IKbVAAW