[EMAIL PROTECTED] wrote: > John R. Shannon wrote: >> On Monday 06 February 2006 06:46, Nickolay A Burkov wrote: >>> Hi, All! >>> >>> I have a router with two external ethernet links to two different >>> ISPs. Could someone recommend me a good technique to organize > failover with > these ... >> I use ifstated for that purpose. >> > > I do have a similar situation in my work. We have two ADSL connections > to two different ISP's. I did an ifstated configuration and some shell > scripts that basically do the following things: > > a) check if any of the internet links in the modems are up, using snmp > (if your device has support to snmp, the majority of the DSL/ADSL > routers does) ...
I used ifstated with ping to the other side of the link (as determined by traceroute). You might need to create a static route or use the route-to pf command to make sure you're pinging through the correct interface to determine the state. This shows my ifstated.conf: http://marc.theaimsgroup.com/?l=openbsd-misc&m=113776959830873&w=2 I ended up moving the ping to, '("ping -q -c 3 -w 2 10.10.10.1 > /dev/null" every 30)' and using a single "if" statement in the downed states. I also found moving everything in pf that did a route-to to an anchor was helpful. Then I reload the anchor as shown in the ifstated.conf in the link. Because this is an active test I also reserved a little (very little) bandwidth via altq for this ICMP traffic. Another approach might be to test to see if there is _any_ traffic coming into an interface, if not, it is probably down. BTW, I do this with dual carp'ed firewalls with site-to-site ipsec VPNs and OpenVPN for road warriors. Thanks for the great OS! -Steve S.
