> I'm running Eiger 1.5 (haven't had the time or need to go to something > newer - maybe I'll be forced to now!) with FreeS/WAN on a static > wireless connection to my ISP. I've now been provided a second WAN > connection via ADSL with another ISP. I would like to combine them to > share the load, but realistically I think this will be difficult to > impossible with FreeS/WAN in the equation. Perhaps even without it. > > I think Charles was contemplating this idea a while back - don't know if > he came up with any solutions...
Load-sharing gets ugly when using FreeS/WAN, which doesn't currently use the kernel's routing tables. This means all the nifty new tricks you can do with the newer advanced kernel routing features just doesn't work when running FreeS/WAN on the same box. You can still do some interesting things, but you'll probably have to have multiple boxes to get FreeS/WAN load-sharing. NOTE: You can mix load-sharing for general internet services and FreeS/WAN on the same box, there's just no way I know of to load-share a VPN link running FreeS/WAN on the actual gateway system hooked to your upstream links...FreeS/WAN just doesn't have the routing flexability. > So, given that load sharing might be too difficult, I thought I would > simply add the second IP to eth0, as the ADSL is to be static. Oops, > just found out they assign the 'static' address with dhcp! So, the > question becomes... Can or how do I tell eth0 to get a 'dynamic' > address, but also use a static second address? In conversations with > the local linux people, the suggestion was to assign the dhcp address > first, then alias the static one afterward. The reverse seemed > unreasonable (?). Um...do you really have both upstream gateways tied to the same ethernet port on your firewall? Normally, this would be a bad thing. Depending on the type of wireless access point you've got, you may even be spewing your DSL traffic out your wireless link, chewing up your bandwidth. > Any comments as to what/how to edit to achieve this? I can change > FreeS/WAN manually if need be, when the 'default' connection fails. ??? Just configure FreeS/WAN to use your static IP, which will send VPN data out your ADSL line. Or just use %defaultroute in your FreeS/WAN configs, and it will track your current IP setup (or at least the IP setup in place when you start FreeS/WAN...it won't track changes if your IP changes, you'll have to svi ipsec restart). Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
