I suppose that would work! I was just wondering if there was something better already written into netfilter... Khanh Tran Network Operations Sarah Lawrence College -----Original Message----- From: per j [mailto:perj8@hotmail.com] Sent: Wednesday, February 05, 2003 12:26 PM To: netfilter@lists.netfilter.org Subject: Re: dual gateways How about this? Use at to ping something on the Internet periodically or ping the T3 router. Modify the defaultroute by using route whenever ping returns false. Use MASQUERADE instead of SNAT in Netfilter. >I'm sure this is possible, but I just haven't gotten it to work right by >playing around with the settings. > >I've got three NICs in the firewall box. I've also got two routers that go >to the Internet via two separate lines (a T1 and a partial T3). I've got >my >default gateway set on the linux box to go out via the T3 and NAT setup for >my clients to route out via that interface. I'd like to know if it's >possible to setup a failover route to redirect clients out the T1 should >the >T3 not be available, even if the router is. Here's the basic diagram: > > > (default route) > eth2 <---> |T3 Router| <---> Internet >LAN <---> eth1 |firewallBox| > eth1 <---> |T1 Router| <---> Internet > > >Khanh Tran >Network Operations >Sarah Lawrence College _________________________________________________________________ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
