Menu
▾
▴
Re: [Shorewall-users] Fail over with Shorewall
|
From: Tom E. <te...@sh...> - 2006-11-03 22:17:37
|
Hristo Benev wrote: > Tom Eastep wrote: >> Hristo Benev wrote: >> =20 >>> Hi, >>> >>> I've read the documentation and I'm aware that automatic FOver is not= =20 >>> possible. >>> >>> So for me will be preferable to create a script checking i-net and=20 >>> changing default route. >>> But will this break Shorewall? >>> >>> I'm using v 3.2.0. >>> I have ADSL connection ppp0 and a friend with Cable I-net (willing to= =20 >>> give me access to his network just for fail over) on eth2. >>> >>> Any suggestions or additional info required? >>> >>> =20 >> Just define both ppp0 and eth2 as 'net' interfaces in /etc/shorewall/i= nterfaces >> and do not use any of Shorewall's MultiISP features. I also recommend = setting a >> net->net DROP policy. > Any changes in NAT required currently only ppp0 is listed in=20 > /etc/shorewall/masq > Should I add eth2 there? > Will just changing default route enough? You will also need another entry in /etc/shorewall/masq as you describe u= nless your friend's routing will be doing the NAT for you. -Tom --=20 Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ te...@sh... PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key |