Re: [LARTC] A complicated routing scenario (for me at least)

Linux Advanced Routing and Traffic Control

Warren Flemmer wrote:
> 
> Greetings
> 
> I am new to iproute2 and therefore would not try to give a direct answer to
> any of your questions. I have, however, been working on what seems to me to
> be a similar problem and will offer it here in case it assists.
> 
> I too have two links to the internet through different isps. The requirements
> were that users on the lan would be as oblivious as possible to any one link
> going down.
> 
> The solution I came up with involved two new linux boxes. Both using iproute
> and one using masq (nat with 2.4 when released). One box was placed between
> the two isps with source routing and a third network card linking to the
> dns,www etc (I call it a crossrouter). The second box also links the two
> isps and uses source routing and masq to offer redundancy (redundancy box).
> An attempt at text art may help
> 
> isp1                     +redundancy box+                         isp2
> |                            |                             |
> |
> +---------------------+                           +---------------------+
>                              |                             |
>                              +   Crossrouter     +
>                                             |
>      ---+---------+---------------+----------------------------------Lan
>       www      dns                              etc
> 
> I made many attempts to use one box instead of two without any luck. I had
> bad results with marking that would have made a single box solution
> possible. The result was the two boxes. On the routers to the isp I have a
> second default route to the redundancy box with a higher metric. If one link
> fails the data is routed to the redundancy box where it is masq on an ip
> (one assigned by the isp with the good link) address and sent out through
> the other isp. Every test I have done is showing the solution to work but it
> has not been fully deployed yet.
> 
> I would imagine that this type of solution would be worth using if you link
> to two different isps and BGP is not available. I intend doubling up on the
> crossrouter as it will become a single point of failure.
> 
> If anyone knows of a better solution I would be interested to know.
> 
> Hope this helps
> 
> Regards
> Warren

I think in this case, you may be able to do what you want with a single box,
unless you need to route based on fwmark or something set in ipchains.

If all you need to base the information on is source address, or something
already in the packet, a single box solution should be feasible.

Can you elaborate on your current setup?  How/what detects that the ISP has gone
down?  What switches you to forward to the other router?  Are you running any
routing/status_monitoring daemons?

So far, the only way I've been able to detect that the ISP is down is a ping.
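
The single-box approach and ping-based detection discussed in this thread, sketched as an added example that is not part of the original posts: one routing table per ISP selected by source address, with a probe loop that moves the main default route after repeated lost pings. Interface names, addresses (documentation ranges), table numbers, the probe target and the threshold are all assumptions.

```shell
#!/bin/sh
# Added example. Interface names, addresses (RFC 5737 documentation ranges),
# table numbers and thresholds are constructed assumptions, not from the thread.
ISP1_IF=eth1; ISP1_GW=192.0.2.1;    ISP1_SRC=192.0.2.10;    ISP1_TABLE=101
ISP2_IF=eth2; ISP2_GW=198.51.100.1; ISP2_SRC=198.51.100.10; ISP2_TABLE=102
PROBE=203.0.113.1     # placeholder for a host reachable through either ISP
FAIL_THRESHOLD=3      # consecutive lost probes before a link counts as down

# Print the one-time setup: a routing table per ISP, selected by source address,
# so replies leave through the ISP that owns the address they come from.
policy_setup() {
    echo "ip route replace default via $ISP1_GW dev $ISP1_IF table $ISP1_TABLE"
    echo "ip rule add from $ISP1_SRC lookup $ISP1_TABLE"
    echo "ip route replace default via $ISP2_GW dev $ISP2_IF table $ISP2_TABLE"
    echo "ip rule add from $ISP2_SRC lookup $ISP2_TABLE"
}

# Probe with a fixed source address: the "from" rule above forces the ping out
# through that ISP, whatever the main table's default route currently is.
link_up() { ping -c 1 -W 2 -I "$1" "$PROBE" >/dev/null 2>&1; }

# Map a consecutive-failure count to "up" or "down" (damps route flapping).
link_state() {
    if [ "$1" -ge "$FAIL_THRESHOLD" ]; then echo down; else echo up; fi
}

# Given both link states, print the command that sets the main default route.
failover_plan() {
    case "$1,$2" in
        up,*)    echo "ip route replace default via $ISP1_GW dev $ISP1_IF" ;;
        down,up) echo "ip route replace default via $ISP2_GW dev $ISP2_IF" ;;
        *)       echo "# both links down: leaving routes unchanged" ;;
    esac
}

# Probe both links every 10 seconds and apply the resulting plan (needs root).
monitor() {
    f1=0; f2=0
    policy_setup | sh
    while :; do
        if link_up "$ISP1_SRC"; then f1=0; else f1=$((f1 + 1)); fi
        if link_up "$ISP2_SRC"; then f2=0; else f2=$((f2 + 1)); fi
        failover_plan "$(link_state "$f1")" "$(link_state "$f2")" | sh
        sleep 10
    done
}

# Default is a dry run that prints the setup; pass "run" to apply and monitor.
if [ "${1:-}" = "run" ]; then monitor; else policy_setup; fi
```

Probing a host beyond the ISP's own gateway catches upstream failures that a ping to the next hop would miss.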


