On Tue, 2012-01-10 at 06:27 +1100, Nick wrote: > I have dual wans setup very similar to the dual wan guide. I used two > modems in bridged mode, and PPPOE to authenticate on a Gentoo box. > > > > Simply put the issue is at times my ISP hands out the same gateway > address on both connections. When this happens shorewall fails to > start. > > > > Most of the time the two ISP gateways are 203.33.255.118 and > 203.33.255.161 though randomly when pppoe restarts I will be > assigned the same gateway to both connections. I do have two static > IP’s that are assigned from my ISP via DHCP.
> I can simulate this by editing the providers file like so:
>
>
>
> NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY
> OPTIONS COPY
> isp1 1 512 main eth1 10.100.11.10
> track,balance eth0
> isp2 2 256 main eth2 10.100.11.10
> track,balance eth0
> this is the same error that occurs when I am using the pppoe setup:
>
> RTNETLINK answers: No such process
>
> ERROR: Command "ip -4 route replace default scope global table 254
> nexthop via 10.100.11.10 dev eth1 weight 1 nexthop via 10.100.11.10
> dev eth2 weight 1" Failed
>
> This has driven me mad for 6 months now, and I hope someone can
> provide a solution other than putting the modems into NAT with
> permanent different gateways. My knowledge of routing is just enough
> to get me into trouble.
>
> I am happy to provide any further information, I run Gentoo and have
> updated, patched and rebuilt kernels over the last six months to
> attempt to sort this.
>
> I suspect that Its pretty rare that anyone would have (or want) two
> identical gateways working on their network on different interfaces,
> but I hope that at least a simple test could be added to shorewall to
> prevent this occurring to others.
With PPPOE, you shouldn't be specifying the gateway address on your PPP
devices. If you just leave the GATEWAY column empty ("-"), this problem
shouldn't occur.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex infrastructure or vast IT resources to deliver seamless, secure access to virtual desktops. With this all-in-one solution, easily deploy virtual desktops for less than the cost of PCs and save 60% on VDI infrastructure costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
