From owner-freebsd-questions@FreeBSD.ORG Mon Oct 10 07:59:37 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4C951106566B for ; Mon, 10 Oct 2011 07:59:37 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: from mail-gy0-f182.google.com (mail-gy0-f182.google.com [209.85.160.182]) by mx1.freebsd.org (Postfix) with ESMTP id 0AFF38FC08 for ; Mon, 10 Oct 2011 07:59:36 +0000 (UTC) Received: by gyf2 with SMTP id 2so6472677gyf.13 for ; Mon, 10 Oct 2011 00:59:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Ik+vY2qVbhdJ3dBMMpd4aGJONyG6rYaUUBo9RZU/6gA=; b=CVNCb/Tma9yo6+4k8SkAO4vBPAa/xcpBNWKyoJxT+wYBTJ9+J2JOmBoCT0ktV/p05r l0zVgV05yIME65wbVlCzI7smnQ/i6ERpufaFqWmhIe3Oi1YU7JwhJU1PvtcZuts4LcDy j/74EDxEifV6xeHDpkA9+7oQ6qGhwkjkDFZ6M= MIME-Version: 1.0 Received: by 10.236.191.103 with SMTP id f67mr21999538yhn.16.1318233576329; Mon, 10 Oct 2011 00:59:36 -0700 (PDT) Received: by 10.236.109.133 with HTTP; Mon, 10 Oct 2011 00:59:36 -0700 (PDT) In-Reply-To: <4E9187AC.6000006@infracaninophile.co.uk> References: <4E9187AC.6000006@infracaninophile.co.uk> Date: Mon, 10 Oct 2011 08:59:36 +0100 Message-ID: From: krad To: Matthew Seaman Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: pepe , freebsd-questions@freebsd.org Subject: Re: two networks in one server? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Oct 2011 07:59:37 -0000 On 9 October 2011 12:38, Matthew Seaman wrote: > On 09/10/2011 10:36, pepe wrote: > > I'm just asking before trying if it possible to use two network uplinks > in > > one server so other would be just backup way in? > > I have currently connection from two ISPs and server is up with one > > connection. Is it possible to add another nic and wire that to connection > > from another isp? So isp 1 would be in normal use in/out, but isp 2 could > be > > used connecting in? > > This is a very commonly asked question around the Internet. > > The answer is -- it's a lot harder to do properly than you might think. > Requires understanding Internet routing protocols like BGP and you will > need the cooperation of both ISPs to make it all work. > > However there is a "light" version which might work for you. Keywords > here are "policy based routing." In this case you can use firewall > software to forward packets by an alternate gateway. This only affects > the outward path from your system: no good at all if all the incoming > traffic is using an uplink that fails, but you can use it to load > balance across multiple links. > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard > Flat 3 > PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate > JID: matthew@infracaninophile.co.uk Kent, CT11 9PW > > There is a simpler version now in freebsd. You could spawn an additional version of sshd with the setfib command, and have a different default route in the relevant fib table. If you have a bunch of services you need to run like that maybe you could wrap them up in a jail and use the fib on the jail. Have a look at setfib. NOTE: it appears you need to set a compile time option for your kernel "options ROUTETABLES=X" where X is the number of routing tables you require