On Sat, Jul 24, 2021 at 01:38:17PM +0100, Norman and Audrey Henderson wrote: > Hi, I have been using rt_rules to force certain traffic out one or the > other of my iSP's, and it has worked will for years. I seem to have done > "something" that has caused the following behavior.
It sounds like an OS level thing or something other than shorewall. Whatever OS it is, where is the config that manages vlan5 ? Is it using dhcp. What packages did you upgrade ? I think you should be using GIT or some other method to manage your config. There's tools like etckeeper to help with this. If you don't already have that, then you get to try crummy alternatives like find /etc -ctime -9 -ls > One ISP is vlan5 and it's flaky. The other is vlan7 and it's mostly stable. > The two ISP's are set up with balance so that normal users' traffic could > be assigned to either. Certain IP's however should always use vlan7 if it's > up. The rt_rules entry is numbered above 1000 because, we have various > networks of our own we need to route to. This is done via entries in the > routes file specifying table main. > > After a shorewall reload, there are no "default" routes in the main table. > Correct. > > However if vlan5 goes down briefly or if I simulate that by: ifconfig vlan5 > down; sleep 2; ifconfig vlan5 up - then a default route to the gateway of > vlan5 gets added to table main. The preference for vlan7 (being after the > main table) is then not applied. > > shorewall reload fixes it. > > Any ideas of why this would be occurring? Or, is there a way to trigger > shorewall reload whenever a link changes state? _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
