On Jul 12, 2007, at 5:14 AM, Andrea Venturoli wrote:
> Hello.
> I have a setup where a FreeBSD box is connected to two ADSL
> routers: default gateway is set to the first and, in case of
> failure, is moved to the other one. This works perfectly for
> outgoing connections: in the event of the switch, I'll have to
> reconnect, but that's acceptable.
> The problem is in the incoming connections: if I get one on the
> "backup" router, this will reach the server, which will however
> answer through its "default" router. Thus the remote client will
> see packets coming back from a different host and things won't work.
> Just to be clear, the packets travel as follows (with source and
> dest IP in brackets):
> Client (x.x.x.x) -> Backup router (y.y.y.y)
> Backup router (x.x.x.x) -> Server (z.z.z.z)
> Server (z.z.z.z) -> Default router (x.x.x.x)
> Default router (v.v.v.v) -> Client (x.x.x.x)
> So the client (x.x.x.x) connects to y.y.y.y (the backup ADSL public
> IP), but gets answers from v.v.v.v (the master ADSL public IP).
> AFAIK there is no solution to this, but I thought I'd ask before
> giving my official opinion to my customer.
> Perhaps there's some sort of hack we could use, that through ipfw/
> natd/other diverting daemon/whatever delivers answers based on the
> MAC address of the incoming connections (if the MAC address belongs
> to the backup router, use that for answers)... does anyone know?
> bye & Thanks
> av.
The biggest problem one would have with this sort of setup is the
upstream provider support. I don't know of any ISPs that are going
to be willing or even able to propagate routes for your static IPs
through their DSL systems. If you want that sort of redundancy and
support, you'll probably have to go to a higher-end business class
solution, such as a T1 or even possibly an ISDN line.
HTH
-----
Eric F Crist
Secure Computing Networks
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net