On Thu, 2007-19-04 at 13:43 -0400, Brian J. Murrell wrote: > I'm finding that just a simple matter of my ppp session going down and > then back up again is messing up the delicate balance (no pun intended) > of route rules and tables that shorewall sets up to achieve > track/balance/policy routing. If I simply do a "shorewall[-lite] > restore" things return to normal.
OK. FWIW here is what is happening. Assume all providers are up and
shorewall has set up the track/balance routing so that the main routing
table has:
# ip route ls table main
...
default
nexthop via 72.38.136.1 dev vlan2 weight 1
nexthop via 192.168.200.1 dev ppp0 weight 1
Now pppd goes down (i.e. loses link, whatever) and see what it does to
the main routing table:
# ip route ls table main
...
[ no default route at all ]
Then when pppd comes back up:
# ip route ls table main
...
default via 192.168.200.1 dev ppp0
So pppd is taking out that equal-weighted route. Not really surprising
when you think about it. Not very nice either though. :-(
I'm really not sure what to do about that. AFAIK you can prevent pppd
from creating a default route, but not prevent it from removing one.
I'm probably going to have to do some bad hackery to save the default
route that is in place when pppd starts and have pppd's ip-down replace
it when it's done. If that's even possible which it might not depending
on when ip-down scripts are called in the shutdown process.
None of this is really all that shorewall related, but I just thought I
would close the loop on what is going on here for the benefit of anyone
following along.
b.
--
My other computer is your Microsoft Windows server.
Brian J. Murrell
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
