Hi.

I have a private network (eth0) behind a NATed Linux router box connected to two different ISPs (eth1 and eth3). Eth1 and eth3 have different public IPv4 addresses. In normal mode, most of the traffic from the private network is routed through the first ISP (eth1), and specific traffic is routed through a second ISP (eth3) by using policy routing, fwmark and a second routing table with another default route. When the connection to the first provider dies, all traffic is routed through the second provider simply by removing the appropriate rule from the routing policy database.

Everything works fine, but the hosts in the private network experience slow reestablishment of connections via a new route with a new public address. I clear the routing cache with 'ip route flush cache' on the router, but maybe that is not enough. My guess is that the slow reestablishment of connections may be associated with the router's connection tracking too.

Will the explicit invalidation of connections on the router box help hosts from the private network to reestablish connections faster during ISP switching? And if so, how can invalidation of certain connections in the conntrack subsystem be done from the shell?

Thanks.
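An added example, not part of the original post: conntrack stores the NAT mapping chosen for a flow's first packet, so flows set up via eth1 stay bound to eth1's public address after the routing rule is removed. The sketch below finds such entries in `conntrack -L` output and deletes them with `conntrack -D` from conntrack-tools. The addresses, the sample table and the function names are constructed assumptions, and it assumes the router does SNAT/MASQUERADE per uplink.

```shell
#!/bin/sh
# Added example. OLD_PUB_IP and the sample table are constructed placeholders.
OLD_PUB_IP="${OLD_PUB_IP:-203.0.113.5}"   # assumed public address of the failed uplink (eth1)

# Constructed sample in `conntrack -L` output format: two flows SNATed to the
# eth1 address, one fwmarked flow already leaving via eth3 (192.0.2.77).
sample_table() {
cat <<'EOF'
tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=198.51.100.7 sport=51000 dport=443 src=198.51.100.7 dst=203.0.113.5 sport=443 dport=51000 [ASSURED] mark=0 use=1
udp      17 25 src=192.168.1.11 dst=198.51.100.53 sport=40000 dport=53 src=198.51.100.53 dst=203.0.113.5 sport=53 dport=40000 mark=0 use=1
tcp      6 431000 ESTABLISHED src=192.168.1.12 dst=198.51.100.9 sport=52000 dport=25 src=198.51.100.9 dst=192.0.2.77 sport=25 dport=52000 [ASSURED] mark=2 use=1
EOF
}

# Read `conntrack -L` lines on stdin; print "proto original-src" for every entry
# whose reply-direction destination (the second dst= field) is the address in $1.
stale_entries() {
    awk -v old="$1" '{
        ns = 0; nd = 0; osrc = ""; rdst = ""
        for (i = 1; i <= NF; i++) {
            if (($i ~ /^src=/) && (++ns == 1)) osrc = substr($i, 5)
            if (($i ~ /^dst=/) && (++nd == 2)) rdst = substr($i, 5)
        }
        if (rdst == old) print $1, osrc
    }'
}

# Delete every entry NATed to $1. Only prints the command unless DRY_RUN=0
# (the real call needs root and conntrack-tools).
flush_stale() {
    if [ "${DRY_RUN:-1}" = 1 ]; then
        echo "conntrack -D --reply-dst $1"
    else
        conntrack -D --reply-dst "$1"
    fi
}

# On the router, replace sample_table with: conntrack -L 2>/dev/null
sample_table | stale_entries "$OLD_PUB_IP"
flush_stale "$OLD_PUB_IP"
```

Run it with DRY_RUN=0 right after removing the policy rule; `conntrack -F` would instead flush the whole table, including the flows already using eth3.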