Please bear with me, this might take some explaining.
At work we have two networks, one I have control over, the other I have little say in, save emergencies.
Both these networks have a common router (which I have no control over) and infrastructure. A trust is being set up between the two domains, and I was amazed to find out that the traffic is being routed via the other side of the country.
network A -->router --> various hops -->same router -->network B
Normally I would have no problem with this, but the link often dies, and if people started to rely on it, an hour or two not being able to get to your docs seems a little harsh. Add to this the latency we were getting (and the vastly increased logon times) and it just seems futile.
The two different subnets have different filtering rules on the router, but I don't know whether they're filtered by interface or subnets (this is where the 4 NICs come in to it, hold on) and can't find out.
I was thinking about the iptables I have running at home when I had an idea.
So this is what I propose:
one box, 4 NICs (one for internal, one for external, for each net)
Iptables rules that will filter off everything for the other net and forward to it (or drop it if it would be dropped by the router), letting everything else slip seamlessly by.
What I want to know:
Is this feasible?
How difficult would 4 NICs in one box be to set up?
If I just let 3 ports through one way and none the other, would the stateful-ness of iptables let the reply connections through, or would I have to do all sorts of NATing and table rules?
Is there an easier way of doing it?
Why do I insist on biting off more than I can chew all the time?
I hope that all makes sense.
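As an added illustration of the one-way, stateful forwarding the post asks about (example code, not the poster's own), here is a script that emits an iptables-restore ruleset for the proposed box. It assumes network A is 10.1.0.0/24 behind bridge brA and network B is 10.2.0.0/24 behind bridge brB (each bridge joining an internal/external NIC pair so unrelated traffic passes untouched), and the three TCP ports are placeholders; the subnets, interface names and ports are all constructed for the example.

```shell
#!/bin/sh
# Added example: generate (or with --apply, load) the FORWARD rules for the
# 4-NIC box. Subnets, bridge names and ports are assumptions, not from the post.
NET_A="10.1.0.0/24"; NET_B="10.2.0.0/24"
IF_A="brA"; IF_B="brB"
PORTS="88 389 445"   # placeholder TCP ports, replace with the real three

gen_rules() {
  cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Replies to flows the box has already seen. This is what makes one-way
# rules work without any NAT: conntrack records each A->B session, so the
# B->A reply packets of that session match here and are accepted.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate INVALID -j DROP
EOF
  # New connections are only allowed from A to B, and only on the listed ports.
  for p in $PORTS; do
    echo "-A FORWARD -i $IF_A -o $IF_B -s $NET_A -d $NET_B -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
  done
  cat <<EOF
# Everything else between the two nets falls to the DROP policy. Logging
# B->A attempts first shows which router rules still need porting over.
-A FORWARD -s $NET_B -d $NET_A -j LOG --log-prefix "xnet-drop: "
COMMIT
EOF
}

# Number of rules that open a port for NEW connections (one per port).
count_new_rules() { gen_rules | grep -c -- '--ctstate NEW'; }

if [ "$1" = "--apply" ]; then
  gen_rules | iptables-restore   # needs root and the conntrack match available
else
  gen_rules                      # dry run: print the ruleset for review
fi
```

Run it without arguments to review the ruleset, then with `--apply` on the box itself; traffic not destined for the other network never reaches the FORWARD chain's cross-net rules because it stays on its own bridge.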