Hi,
I have a multi-ISP situation (working well) whereby I need to turn off one
of my ISP's once a cap has been reached.
I can turn it off quite easily by replacing the default route in the main
table:
default
nexthop via 10.1.5.3 dev eth1.5 weight 1
nexthop via XX.XXX.XX.33 dev eth1.9 weight 1
with
default via 10.1.5.3 dev eth1.5
But if I try to reverse the process and replace the default route with the
1st one, packets routed via the eth1.9 provider goes into a black hole (not
investigated where packets end up)
Doing a shorewall restart takes several minutes, so I'd like to avoid that
if possible, but it always puts things the way they should be.
I'm thinking the direction I should be going in is either:
1. To insert/delete an iptables rule to mark the packets for the always-on
ISP when the variable ISP has expired (per the FAQ)
2. Generate 2 sets of rules for iptables using shorewall (one with
multi-path default route, one with single path) and swap one for the other.
Anybody done this before or got any thoughts about it?
Thanks,
Lee
------------------------------------------------------------------------------
Benefiting from Server Virtualization: Beyond Initial Workload
Consolidation -- Increasing the use of server virtualization is a top
priority.Virtualization can reduce costs, simplify management, and improve
application availability and disaster protection. Learn more about boosting
the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users