Great Work Tom,
While things are quiet...
I went live with no Shorewall experience as our systems admin had built the
initial Shorewall setup.
Then when we upgraded our internet to dual providers I made a minimum change
in that I added the second provider as a sub interface of the interface with
the primary provider and this has been working for over six months.
Our Environment: We utilise DNAT and conntrack
Internet traffic could be in via provider A or B and out via
provider A or B. (Asymmetric routing)
Provider B is a layer two peering point so the Quagga routing table
contains ~50 different next hops.
Should I stay with this setup or do you recommend following
http://www.shorewall.net/MultiISP.html ?
After reading " Shorewall includes limited support for multiple Internet
connections. Limitations of this support are as follows:
* It utilizes static routing configuration. If there is a change in the
routing topology, Shorewall must be restarted."
I prefer staying with my current setup.
Kind regards,
Trent O'Callaghan
------------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
