Am 12.11.2014 um 18:31 schrieb Lonnie Abelbeck <li...@lonnie.abelbeck.com>:
> Hi David, > > Yes, I think we have the flexibility to do something along the lines you want > using /mnt/kd/wan-failover.script . > > The first step is to keep things working smoothly after a switch to the > secondary WAN link, depending on any different NAT situations between the > primary and secondary WAN links, that will take some testing, and may not be > as 'clean' as you would hope other than maintaining two separate sip.conf > files and swapping them and restarting asterisk on the switch. > > Lasting blocking data hogs, is not so easy. The Pepwave Surf OTG has a data > quote feature (again from the data sheet) to stop forwarding data when the > quota is exceeded. > > There is a status log file: /var/log/wan-failover-status.log > which contains the line > -- > WAN Link: PRIMARY > -- or -- > WAN Link: SECONDARY > -- > if you were adding any custom firewall rules. But blocking the high > bandwidth connections is difficult unless you know the IP address. > > Lonnie Maybe this could be done with DNS by swapping the "/etc/hosts" file (where e.g. youtube.com is blocked). Or with our tinyproxy package … > On Nov 12, 2014, at 10:41 AM, David Kerr <da...@kerr.net> wrote: > >> This feels like a useful and helpful feature. As I have thought about this >> in the past one of the issues that concerned me is how to throttle traffic >> when in failover mode. One could very quickly run through 3G/4G wireless >> quota if I just let internet traffic run as usual and start incurring $$$'s >> per MB. For example I have a NAS with an offsite backup daemon running... >> uploads to CrashPlan servers. While on backup I can live without offsite >> backup sync. Similarly I would want to consider blocking YouTube, Netflix >> or other video sites. Basically anything that would be a large data hog, >> but still leave general web browsing, VoIP, email retrieval, etc working. >> >> So, any thoughts about how best to do this? Presumably some sort of script >> that would run before/after failover that could add specific rules to the >> firewall to block certain traffic either by source or destination (or type? >> -- can a firewall tell "video" from something else?). >> >> Thanks >> David >> >> On Wed, Nov 12, 2014 at 11:10 AM, Lonnie Abelbeck >> <li...@lonnie.abelbeck.com> wrote: >> Resurrecting Michael's post... >> >> The next release of AstLinux 1.2.1 will have a web interface configurable >> "WAN Failover" functionality... >> >> WAN Failover >> http://doc.astlinux.org/userdoc:tt_wan_failover >> >> (Much thanks to Michael Keuter) >> >> All of the EXT2* rc.conf variables are now supported in the web interface. >> >> This seemingly simple feature, is not, to get all the edge conditions >> covered. >> >> Anyone interested in this feature is encouraged to to build from the SVN or >> use http://build.astlinux.org to get the latest SVN builds. >> >> I personally have tested this (somewhat old) WiFi-client, Netgear WNCE2001 >> N300 >> http://www.amazon.com/NETGEAR-Universal-Ethernet-Adapter-WNCE2001/dp/B003KPBRRW/ >> >> as the Failover Interface and WiFi connected to my iPad w/LTE and Personal >> Hotspot enabled. >> >> I also have ordered a gizmo (for $99 USD)... >> >> Pepwave Surf On-The-Go (SUS-AGN1) >> http://www.peplink.com/products/pepwave-surf-on-the-go/ >> >> that should arrive today, but seems it could be configured ethernet -> to >> either an iPad w/LTE or a USB data modem from your wireless provider. >> >> If course a dedicated wired Failover WAN link would also work. >> >> Lonnie >> >> >> On Jun 16, 2014, at 9:42 PM, Michael Knill >> <michael.kn...@ipcsolutions.com.au> wrote: >> >>> Hi group >>> >>> I am looking at setting up a backup 4G/LTE connection for a customer (and >>> provide it as a product offering) and just wondering the best way to >>> provide it in Astlinux. >>> The 4G router can support bridge mode so ideally I would like to have dual >>> PPPoE connections but I don’t think this is easily done in Astlinux? I am >>> happy (and would prefer) to manually switch the routing over to a backup >>> connection. >>> >>> Currently Astlinux’s EXT2IF requires a static address which would mean >>> double NAT for me (I assume) as I would need to route rather than bridge on >>> both firewall external interfaces. Should this be a problem? Could I >>> disable NAT but do IP Tables on Astlinux and do NAT on a router? If I have >>> a good enough router (who can you trust?), I could just turn off the >>> Astlinux firewall and make it a telephony server and router only? >>> >>> I was thinking that worst case, I could put the 4G router on the DMZ or >>> internal network and just change the default route on Astlinux to point to >>> it on failover. >>> >>> Any ideas? >>> >>> Regards >>> Michael Knill Michael http://www.mksolutions.info ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
