Hello Kintaro,

Friday, May 4, 2007, 12:03:22 PM, you wrote:

ko> I'm setting up a firewall/PF/NAT box for a company. We subscribe 2 E1's
ko> for our internet for redundancy. So basically what I want is to do load
ko> balance these 2 E1 internet and will be also become redundancy if one
ko> ISP will go down. I read up in google and I see a syntax about
ko> round-robin. Could anyone give me advice on how to set up for load
ko> balance and redundancy?

We've tried round-robin and it just didn't work for us. Problems start with connections that use more than one port/protocol simultaneously. FTP is the first example (and enough for us), but VPN could be another (didn't test it this way). There is a big chance that control and data connections will be routed to different gateway ports (external IPs), and servers usually don't allow it.

Could start looking for a work-around, but complicated is usually unreliable, so we've ended up with a dumb (but effective) solution. Based on statistics we had collected before, we've split traffic based on the source IP by creating several static routes. Redundancy is provided by a simple script every 3 minutes sending simple HTTP requests to 10 big web sites from both gateway ports (ping is easier, but sometimes might not get through for different reasons) and deleting/adding routes depending on the result.

I've read that multiple default routes are allowed in 4.1. Will do more research about it.

ko> I've also read about OpenBGP but can't understand how it works. I can't
ko> picture out how to implement OpenBGP.

It's a "true" balancing, then routers all over the world know that you could be reached through different directions (ISPs). Your ISPs should support it and you'll probably have to pay for it to both ISPs.

-- 
Best regards,
Boris
mailto:[EMAIL PROTECTED]
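
The periodic uplink check described in the reply above, written out as an added example (it is not the script from the original post). It assumes `curl` is installed; the source addresses, site URLs, `MIN_OK` threshold, state directory and the `ROUTE_HOOK` script that actually adds or deletes the routes are all constructed placeholders.

```shell
#!/bin/sh
# Added example: HTTP-based uplink check; every address, URL and path is a placeholder.
SITES="http://site1.example/ http://site2.example/ http://site3.example/"  # the post uses 10
MIN_OK=1                                  # assumed: uplink is up if any probe succeeds
STATE_DIR="${STATE_DIR:-/var/run/uplink}"
ROUTE_HOOK="${ROUTE_HOOK:-/usr/local/sbin/uplink-routes}"  # hypothetical site script

# One HTTP request sourced from the given external IP; the exit status is the result.
http_probe() {  # $1 = source IP, $2 = URL
    curl --silent --output /dev/null --max-time 10 --interface "$1" "$2"
}

# Count how many sites answered through this uplink.
count_ok() {  # $1 = source IP
    ok=0
    for url in $SITES; do
        if http_probe "$1" "$url"; then ok=$((ok + 1)); fi
    done
    echo "$ok"
}

# Map a success count to up/down.
classify() { if [ "$1" -ge "$MIN_OK" ]; then echo up; else echo down; fi; }

# Only a change of state touches the routes; a steady state does nothing.
transition() {  # $1 = previous state, $2 = current state
    case "$1:$2" in
        up:down) echo delete ;;
        down:up) echo add ;;
        *)       echo none ;;
    esac
}

# Probe one uplink, save its state, print the action (first run assumes "up").
check_uplink() {  # $1 = uplink name, $2 = source IP
    mkdir -p "$STATE_DIR"
    prev=$(cat "$STATE_DIR/$1" 2>/dev/null || echo up)
    cur=$(classify "$(count_ok "$2")")
    echo "$cur" > "$STATE_DIR/$1"
    transition "$prev" "$cur"
}

# Entry point for cron (every 3 minutes in the post): uplink-check.sh run
if [ "${1:-}" = run ]; then
    for link in "isp1 192.0.2.10" "isp2 198.51.100.10"; do
        set -- $link
        act=$(check_uplink "$1" "$2")
        [ "$act" = none ] || "$ROUTE_HOOK" "$act" "$1"
    done
fi
```

Keeping the previous state on disk means the routes are changed once per outage and once per recovery, not on every 3-minute run.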