> Depends on how much money you have, but had you considered getting your
> own address range and BGP peering with your ISPs? I'd consider talking
> to them about it. It'll take some time to set up, but it means your
> "switching" is done at the router, not at the NAT box, which is the
> wrong place to do it anyway.

I think I have an inelegant solution to this, but one that could be implemented with even a simple script. If I understood what Leo asked correctly, what's needed is to change the default route on the FreeBSD gateway whenever an event tells it to (in this case, the increase/decrease in performance for the ISPs). The concern here is to keep currently established connections alive, so the process is carried out seamlessly. Unless my tests were wrong, there's a way around it with the very base system tools.

The idea is simple: Say the box has two valid IP addresses A.A.A.A and B.B.B.B, and that at a given moment A.A.A.A is being used as the default route. Whenever the event telling the system to switch the routes to B.B.B.B happens, you could parse the current routing table and the current list of open connections, and add a temporary, static route for each of these entries pointing A.A.A.A (the current default gateway) as their gateway (route add X.X.X.X A.A.A.A (or A.A.A.A's remote peer) - where X.X.X.X is the address of one of the open connections). Once you do that for all the current active connections, they'll be guaranteed to stay up when the next step takes place.

Now you'd remove the default gateway entry in your routing table and add B.B.B.B (or its remote peer) as the default gateway. From this point on, all connections will use this route as the default, and no one should see the change.

The downside of this approach is that the system will have to monitor the active connections periodically and remove the static routes after their previously active connections finish. This is because if you don't do so, all connections to a given address will be routed out through the default route at the time the first switch was made and there was a connection to that address. Another concern would be the decrease in performance on the FreeBSD gateway if its routing table gets too large (over tens of thousands of static routes).

What makes this work is that static routes have priority over default ones. One could work this up from this point.

Fred
--
"Real programmers argue with the systems analyst as a matter of principle."
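
The pin, switch and prune steps described in the message above, as an added dry-run sketch (not code from the original post): it prints the route(8) commands instead of running them. The gateway addresses and the sample connection list are constructed, and it assumes the list arrives in FreeBSD `netstat -n -p tcp` layout; flows forwarded through a NAT gateway would have to be listed from its NAT state table instead.

```shell
#!/bin/sh
# Dry-run planner: prints route(8) commands, never changes the routing table.
# OLD_GW / NEW_GW are hypothetical next hops (documentation address ranges).
OLD_GW="192.0.2.1"
NEW_GW="198.51.100.1"

# Constructed sample in FreeBSD `netstat -n -p tcp` layout (address.port).
SAMPLE_CONNS='tcp4  0  0 192.0.2.10.22     203.0.113.7.51234   ESTABLISHED
tcp4  0  0 192.0.2.10.22     203.0.113.7.51299   ESTABLISHED
tcp4  0  0 192.0.2.10.443    203.0.113.99.40000  TIME_WAIT
tcp4  0  0 127.0.0.1.5432    127.0.0.1.49152     ESTABLISHED
tcp4  0  0 192.0.2.10.25     198.51.100.44.2525  ESTABLISHED'

# active_peers: netstat lines on stdin -> unique remote IPv4 hosts that have
# an ESTABLISHED connection (port suffix stripped, loopback skipped).
active_peers() {
    awk '$1 == "tcp4" && $6 == "ESTABLISHED" {
             host = $5
             sub(/\.[0-9]+$/, "", host)
             if (host !~ /^127\./) print host
         }' | sort -u
}

# plan_switch: pin each active peer to the old gateway with a host route,
# then replace the default route so new connections use the new gateway.
plan_switch() {
    active_peers | while read -r peer; do
        echo "route add -host $peer $OLD_GW"
    done
    echo "route delete default"
    echo "route add default $NEW_GW"
}

# plan_prune HOST...: netstat lines on stdin; for every previously pinned
# host with no ESTABLISHED connection left, print the delete for its route.
plan_prune() {
    live=$(active_peers)
    for host in "$@"; do
        echo "$live" | grep -qxF "$host" || echo "route delete -host $host"
    done
}

# Stand-alone demo: sh script.sh demo
if [ "${1:-}" = "demo" ]; then
    printf '%s\n' "$SAMPLE_CONNS" | plan_switch
fi
```

Running `plan_prune` from cron with the list of pinned hosts keeps the table from growing, which addresses the routing-table size concern raised in the message.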