Bryan Derman wrote:
I see how multiple WANs from different providers (assuming they use
different link-level sources and/or technology) can provide backup for
outgoing access, but I haven't figured out how this can help for incoming
access to servers.
I.E., let's say I have 2 WAN connections with public IPs; 98.76.54.231
via a cable-based ISP and 123.45.67.89 via DSL-based ISP. Now say I run
a web server, www.mydomain.com, that has a DNS-resolvable public IP
address of 123.45.67.89 (i.e., the DSL-based WAN).
If my DSL-based WAN goes down and pfSense nicely re-routes everything
through the cabled-based WAN, how does one (re)route the traffic coming
into www.mydomain.com to target the cable-based WAN at 98.76.54.231?
The only way I can see of doing this would be to have a DNS server that
provides fail-over but, given that DNS servers are highly distributed and
employ timed caching, such a fail-over would take considerable time to
propagate (likely more time than the typical ISP's outage, or so one
would hope?).
Not with an adequately low TTL on your DNS records. There are companies
doing exactly this with pfSense and the tinydns package.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
