RESOLVED Why does IPtables's NAT stop working when I enable the firewall's third interface?
Posted by Kronick on Server Fault
Published on 2011-07-28T15:24:15Z
On my firewall I've got three interfaces:
eth0: public IP (46.X.X.X)
eth0:0: public IP (46.X.X.Y)
eth1: public IP (88.X.X.X)
eth2: private LAN (172.X.X.X)
I've set up a basic NAT which works great until I turn on the eth1 interface; then I basically lose connectivity. When I turn off the interface (ifconfig eth1 down), the NAT works again. I've added some policy routing via iproute, which makes my three public IPs available.
I don't understand why turning eth1 on makes the LAN unavailable.
PS: weirder; when I turn on eth1 BUT remove the NAT, the firewall is accessible using the public IPs. So to me it's exclusively a NAT issue, since without the NAT the network works, while with the NAT but without the second public interface, the NAT does work.
Regards
EDIT: I've been able to make it work using iproute2 rules. That was definitely a routing issue. Here is what I did:
ip rule add prio 50 table main
ip rule add prio 201 from ip1/netmask table 201
ip rule add prio 202 from ip2/netmask table 202
ip route add default via gateway1 dev interface1 src ip1 proto static table 201
ip route append prohibit default table 201 metric 1 proto static
ip route add default via gateway2 dev interface2 src ip2 proto static table 202
ip route append prohibit default table 202 metric 1 proto static
# multipath
ip rule add prio 221 table 221
ip route add default table 221 proto static \
nexthop via gateway1 dev interface1 weight 2 \
nexthop via gateway2 dev interface2 weight 3
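The fix above is the standard source-based policy-routing layout for a multihomed gateway: with only the main table and a single default route, replies to connections that arrived on the second uplink are sent out the first uplink's gateway, where the upstream router either drops them as spoofed or they never reach the client; the per-uplink tables keyed on the source address pin each public IP to its own gateway, and the prohibit routes at metric 1 stop traffic from falling through to the wrong uplink when a default route disappears. The script below is an added example, not code from the original Server Fault post or its author. It reproduces that rule set as functions, adds the per-uplink SNAT that makes the outgoing source address match the exit interface, and sets loose reverse-path filtering, which strict mode would otherwise use to drop the asymmetric packets. All interface names, addresses and gateways (46.0.0.0/24, 88.0.0.0/24, 172.16.0.0/24 and the eth0/eth1/eth2 names) are placeholders. Without arguments it only prints the commands; pass --apply to run them as root on the gateway.

```sh
#!/bin/sh
# Added example (not the original poster's script): policy routing plus NAT for
# a gateway with two uplinks and one LAN. Addresses and interfaces are placeholders.
set -eu

WAN1_IF=eth0; WAN1_IP=46.0.0.10; WAN1_NET=46.0.0.0/24; WAN1_GW=46.0.0.1
WAN2_IF=eth1; WAN2_IP=88.0.0.10; WAN2_NET=88.0.0.0/24; WAN2_GW=88.0.0.1
LAN_IF=eth2;  LAN_NET=172.16.0.0/24

# Dry run by default: print each command instead of executing it.
case "${1:-}" in --apply) DRY_RUN=0 ;; *) DRY_RUN=1 ;; esac

run() {
    echo "+ $*"
    [ "$DRY_RUN" = 1 ] || "$@"
}

# One table per uplink: anything sourced from that uplink's network leaves via
# that uplink's gateway, so replies to inbound connections on the second
# uplink are not pushed out the first one.
uplink_table() {
    table=$1; net=$2; gw=$3; dev=$4; src=$5
    run ip rule add prio "$table" from "$net" table "$table"
    run ip route add default via "$gw" dev "$dev" src "$src" proto static table "$table"
    # Metric-1 fallback: if the uplink's default route goes away, refuse the
    # traffic instead of letting it leak out the other uplink with the wrong
    # source address.
    run ip route append prohibit default table "$table" metric 1 proto static
}

setup_policy_routing() {
    # Connected and LAN routes (main) are consulted before any uplink default.
    run ip rule add prio 50 table main
    uplink_table 201 "$WAN1_NET" "$WAN1_GW" "$WAN1_IF" "$WAN1_IP"
    uplink_table 202 "$WAN2_NET" "$WAN2_GW" "$WAN2_IF" "$WAN2_IP"
    # Everything else (LAN-originated traffic, routed before SNAT) is spread
    # across both uplinks with a weighted multipath default route.
    run ip rule add prio 221 table 221
    run ip route add default table 221 proto static \
        nexthop via "$WAN1_GW" dev "$WAN1_IF" weight 2 \
        nexthop via "$WAN2_GW" dev "$WAN2_IF" weight 3
    # Strict reverse-path filtering (rp_filter=1) drops packets whose reply
    # route would leave through a different interface, which is exactly what
    # happens on a multihomed box; loose mode (2) keeps the spoofing check
    # without that false positive.
    run sysctl -w "net.ipv4.conf.$WAN1_IF.rp_filter=2"
    run sysctl -w "net.ipv4.conf.$WAN2_IF.rp_filter=2"
    run sysctl -w net.ipv4.ip_forward=1
}

setup_nat() {
    # SNAT per exit interface: the source address must belong to the uplink
    # the packet leaves on, or the ISP's ingress filter drops it and the reply
    # comes back on the wrong link anyway.
    run iptables -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN1_IF" -j SNAT --to-source "$WAN1_IP"
    run iptables -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN2_IF" -j SNAT --to-source "$WAN2_IP"
    # Forward only LAN-originated flows and their replies; drop everything else.
    run iptables -P FORWARD DROP
    run iptables -A FORWARD -i "$LAN_IF" -s "$LAN_NET" -j ACCEPT
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

setup_policy_routing
setup_nat

if [ "$DRY_RUN" = 0 ]; then
    # Sanity check once applied: a packet sourced from each uplink address must
    # be routed through that uplink (198.51.100.1 is a documentation address).
    ip route get 198.51.100.1 from "$WAN1_IP"
    ip route get 198.51.100.1 from "$WAN2_IP"
fi
```

One caveat the page does not cover: the weighted multipath route picks a next hop per route lookup, not per connection, while the SNAT mapping is fixed when a flow's first packet is seen. If a later packet of the same flow is routed out the other uplink it leaves with the wrong source address. On kernels that do not hash multipath per flow, pin LAN flows to an uplink with a fwmark (iptables CONNMARK/MARK plus an `ip rule ... fwmark` entry) before relying on the multipath rule in production.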
© Server Fault or respective owner