On 7/19/10 12:18 PM, Stephen Brown wrote: > > I understand the tcrules setup (I think) in regards to what I am trying > to accomplish for outbound VoIP traffic. Inbound traffic will be > directed to the cable link as well, I'm going to create SRV records to > provide redundancy, will shorewall still process my DNAT rules > regardless of which ISP they arrive from?
If you set them up correctly. > For example, let's say my > cable modem goes down, and I have an SRV record of a higher weight to > point to my DSL connection, I should expect to still be able to receive > inbound calls without hassle? What about outbound calls in this > scenario? What would be the best way to deal with that? Sorry -- you are going to have to talk to someone who speaks VOIP and SRV records. But, from a Shorewall perspective: a) The firewall must be configured so it will ignore interfaces that are not available. b) When an interface because unavailable, Shorewall must be restarted. So when an interface is down, it is effectively not part of the configuration except that you can still use LSM to monitor the link and restart Shorewall when the link comes back up. > > Here are my config files thus far, I don't know that many of the options > are sane however (pastebin'ed because they kept wrapping in my email > client): > > http://www.pastie.org/1050858 This isn't any better. I can't quote from a web page; and if copy/paste, then *my* mailer will fold what I'm quoting. But I suggest that you read the text about that example (which, until recently, was my own network). In particular, you need to understand why I specified 'loose' on my backup provider and why you should not. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
