Hi,
I live in Mongolia and our ISPs are pretty unreliable. I just got a second
line in and have set up Shorewall in a loadbalancing/failover configuration.
Its going pretty well except for one thing; http sessions.
For example, I go to a website and log in. I go to enter a support ticket
and click submit. I then get kicked back to the login screen and no ticket
is submitted.
I've tested this by setting tcrules to send http/https traffic through one
specific ISP and when I do this the problem doesn't occur and I can submit
support tickets no problem.
My providers looks like this:
mobinet 1 1 main ppp0 detect loose,track,balance=3 eth0
sansar 2 2 main ppp1 detect loose,track,balance=1 eth0
they are both going through pppoe connections. The mobinet connection is 5M
and the sansar 3M, mobinet also has lower latency, hence the balance=3
eth0 is the LAN interface.
The interfaces looks like this:
- lo - -
out0 ppp0 detect
tcpflags,optional,nosmurfs,routefilter=0,logmartians=0
out1 ppp1 detect
tcpflags,optional,nosmurfs,routefilter=0,logmartians=0
lan eth0 detect dhcp
I've configured ppp to assign ppp0 to mobinet and ppp1 to sansar.
When I put this into tcrules, the HTTP/S problem goes away:
2:P 192.168.5.0/24 0.0.0.0/0 tcp 80
2:P 192.168.5.0/24 0.0.0.0/0 tcp 443
I had thought that the 'track' option in providers was supposed to deal
with this? What else might I need to consider?
Thanks
------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
