Josh, with yr permission, i would like to 'hijack' this thread... :) questions below...
----- Original Message ---- > From: JoSH Lehan <[email protected]> > To: [email protected] > Sent: Sunday, September 20, 2009 5:13:01 PM > Subject: [Shorewall-users] Dual WAN reliability help needed > > Hello! I've been running Shorewall for a few years now, and it's > performed well. > > I have a non-trivial setup, though, and it is rough around the edges > when trying to deal with it. In particular, I have a dual WAN. One is > cable modem (DHCP), and another is DSL modem (PPPoE). > > What's more, the cable modem is a single IP address that often changes, > while the DSL modem is a static IP address *range*. There is a "main" > address that the PPP connection sets up, but it also accepts several > other nearby addresses. I have this running right now with aliases for > the ppp0 device. Currently we have a adsl line ( dynamic ip ). We will be getting a new wimax line ( dynamic ip). I intend to 'bond' both of these lines for users(soho environment) to have more bandwidth. And also to provide redundancy as the adsl line is a little erratic in my area and we do have outages of a few hours sometime. > I've studied this document: > > http://shorewall.net/MultiISP.html > > There are 3 main problems I have: > > 1) If the router is rebooted while either the cable or the DSL is down, > Shorewall won't come up It requires *both* interfaces to be fully > active before Shorewall will start. If either is down, my firewall is > DOA, requiring manual intervention. will my new setup ( dynamic ip only for both connections ) also be affected by this problem? > I was hoping to set up a dual WAN setup for redundancy and safety, and > unfortunately instead, this makes it *more* brittle. > > 2) Shorewall is a one-shot deal: it exists just to configure the > kernel's firewall settings. There's no active monitor that can stay > around and take care of things if either the cable or the DSL goes down. cant the swping or lsm scripts help? If anyone has a similar setup( two internet lines , both dynamic ip) working, i would like to learn how u did it. Thanx, marco. ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
