[LARTC] Secure / Redundant router configuration

Linux Advanced Routing and Traffic Control


On Mon, 2003-02-10 at 10:12, John Cushnie wrote:
> Hi all,
> 
> Has anyone configured a Linux Router in a secure / redundant
> configuration ?
> By this I mean a dual (or more) boxen router, using multiple 
> connections on both sides of the router, so that if hardware failures 
> strike the impact on the users is minimised.
> 

I use keepalived (keepalived.sourceforge.net) to handle the fail over of
my two Linux NAT routers.  keepalived supports VRRP and will fail over a
virtual address to the other machines.  My working machines use the
virtual address as their default gateway.

Another solution is to install OSPF on everything and let the working
machines decide which route to take based on dynamic routing (OSPF).

Here is how we do it:

Two Cisco routers handle our upstream bandwidth with BGP4 to multiple
providers.  The Cisco routers use HSRP to fail over their Ethernet
ports.  The Cisco routers also speak OSPF with my two Linux
firewall/LVS/routers (using zebra) which handle inbound load balancing
and outbound NAT of my working machines.  Working machines are set up
with a virtual IP address for default gateway which is only active on
one Linux firewall at a time (using keepalived).

-Matt
> In particular, I'm interested how load sharing can be configured for 
> when all the hardware is working, ie normal state.
> 
> Also anyone used LARTC to set up a 'mesh' type configuration for sharing
> Internet connections with a wireless based network.
> I am interested in how several internet connections can be connected 
> to a wireless mesh using LARTC.
> 
> We are looking to implement this in our local 'remote' community. 
> The Internet feeds will be from 10MB wireless bridges located in 
> several locations (local schools) several miles apart. 
> Wireless bridges and access points will then be used to distribute 
> the Internet connectivity over a radius of several miles.
> LARTC may then be used to provide a level of QoS to all users 
> (approx 2000 houses in total) of the network using bandwidth 
> sharing/allocation and queuing based on IP address and traffic.
> Anyone done anything similar and willing to share experiences ?
> 
> Any pointers/suggestions please ? 
> 
> Many thanks.
> John Cushnie
> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-- 
Matthew S. Crocker
Crocker Communications, Inc.  / Vice President
PO BOX 710
Greenfield, MA 01302-0710

Voice: 413-746-2760
Fax: 413-746-3704
Web: http://www.crocker.com
E-mail: matthew@crocker.com
GPG Public Key: www.keyserver.net
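
The keepalived arrangement described in the reply above, sketched as an added example; it is not part of the original message and is not the poster's actual configuration. Interface names, addresses, router IDs, priorities and the password are constructed placeholders, and the outside instance with its sync group is an assumption added so the NAT address moves together with the gateway address.

```conf
# /etc/keepalived/keepalived.conf on router A (constructed example).
# Router B uses the same file with a lower priority, e.g. 100.
# Interface names, addresses, router IDs and the password are placeholders.

# Move the inside and outside addresses together, so a NAT router never
# owns the gateway address without also owning the public address.
vrrp_sync_group NAT_GW {
    group {
        VI_INSIDE
        VI_OUTSIDE
    }
}

vrrp_instance VI_INSIDE {
    state BACKUP              # both nodes start as BACKUP; priority elects the master
    interface eth1            # LAN side, facing the working machines
    virtual_router_id 51      # must match on both routers, unique per segment
    priority 150
    advert_int 1              # advertisement interval in seconds
    authentication {
        auth_type PASS        # sent in cleartext: guards against misconfiguration only
        auth_pass CHANGEME    # keepalived uses the first 8 characters
    }
    virtual_ipaddress {
        10.0.0.1/24 dev eth1  # default gateway configured on the working machines
    }
}

vrrp_instance VI_OUTSIDE {
    state BACKUP
    interface eth0            # upstream side
    virtual_router_id 52
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass CHANGEME
    }
    virtual_ipaddress {
        203.0.113.10/24 dev eth0   # address used for outbound NAT
    }
}
```

Because the VRRP password travels in cleartext, the firewall rules on each router should accept VRRP advertisements (IP protocol 112, destination 224.0.0.18) only from the peer router's address.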



