> How would you go about building a fault tolerant solution so
> that both ISPs
> can be used (either load-shared or as active/backup) for
> outbound client
> traffic and inbound SMTP traffic? Can this be accomplished
> currently using a
> Cisco PIX (in HA config). If not, what feature would be
> needed in order to
> support this?
How about this solution..
SMTP (easy part)-
ISP A has MX record priority 20, it is a bigger pipe
ISP B has MX record priority 30, it is "failover"
Routing -
OSPF run internally via http://www.zebra.org software.
iproute2 for extra functionality
Health checks & etc -
Mon seems most appropriate
Firewall software?
iptables is an easy winner over ipchains. maybe openbsd is a good
choice here, too..
DNS -
dynamic dns software, take your pick. TTLs should be <= 15 minutes
if you can get away with it..
(if PIX can run OSPF maybe it will work on that. I assume you are asking
because you have the hardware already?)
Note : I don't claim any of this will work, but I am in process of trying it
on my home network. At my home network I currently have 2 cable providers
with dynamic IPs and shortly will add SDSL.
Hope that helps
Peter
