Brian J. Murrell wrote: > On Wed, 2007-02-07 at 12:10 -0800, Tom Eastep wrote: >> The Shorewall Multi-ISP documentation clearly states that what Shorewall >> provides is based on static routing and doesn't even attempt to deal >> with dynamic change. > > Yeah. > >> It you don't like it, you are free to use something >> else. > > Of course. > > I have just been thinking over the last week or two on how to bring the > two closer together.
The thing is, routing protocols have been around for a long time and
together with routing daemons, provide a means for modifying your routing
dynamically.
If you want a less expensive option, you could also use a OpenVPN features
like --route-up to add the route to your provider-specific table when the a
connection is made.
>
> On a somewhat related note there is this statement in the multi-isp
> document:
>
> If you are using /etc/shorewall/providers because you have
> multiple internet connections, we recommend that you specify
> 'balance' even if you don't need it. You can still use entries
> in /etc/shorewall/tcrules to force traffic to one provider or
> another.
>
> What's the reasoning behind this? I'm assuming that if I don't use
> balance, I don't get a default route through all providers?
That piece of advice goes on to say:
If you don't heed this advice then be prepared to read FAQ 57 and
FAQ 58
Have you done that?
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
