On 05/03/2016 05:31 AM, robert.krig+shorew...@render-wahnsinn.de wrote: > I've currently got two ISPs configured on our Company's > Firewall/Router Server running shorewall. I've managed to get both > connection going ok. Allthough I'm a bit unclear about a few things. > > Ideally I would like to declare one ISP as the main isp and the other > one only as a fallback in case the first one isn't available. >
You don't mention which version of Shorewall that you are running. If your version is >= 4.6.6, then set the 'primary' option on the main interface and the 'fallback' option on the other. If you are running an earlier release, use 'balance' on the main interface rather than 'primary'. And, of course, to get actual failover, you must run something like LSM to monitor the status of the links. > Can I achieve this somehow through balance weighting? I'm guessing > the balance setting in the providers file would make shorewall prefer > one connection over the other. Does that mean I can give my "main" > provider a huge balance value? E.g. balance=1000 and the other one > something like balance=1 ? That's a very bad approach, do to the way in which multi-gateway default routes are implemented in the kernel. > > Secondly, while both connections are active. I'm constantly getting > dropped ssh connections or timeouts when logged in certain websites, > which attach a session to your ip. What do you mean by 'attach a session to your ip'? 'track' only insures that flows initiated from your local environment continue to use their initial gateway and that flows initiated from outside your local invironment send responses out of the same interface as initial packet of the flow entered the gateway. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
