Date: Mon, 7 Jun 2004 00:22:16 -0400 From: gus- <gus@pbx.org> To: "Mitch (bitblock)" <mitch@bitblock.com> Cc: "David J. Hughes" <bambi@Hughes.com.au> Subject: Re: 2 adsl connections load balancing with natd/ipfw Message-ID: <20040607042216.GA86305@pbx.org> In-Reply-To: <JFEFJAFJPNHFPLKLGIHEOEMIDPAA.mitch@bitblock.com> References: <8EBC1C3A-B7E1-11D8-BD82-00039357FA7A@canyon.xs4all.nl> <JFEFJAFJPNHFPLKLGIHEOEMIDPAA.mitch@bitblock.com>
next in thread | previous in thread | raw e-mail | index | archive | help
doing this with ipfw is trivial: isp ip localip local int link1: 192.168.1.1 192.168.1.2 em1 link2: 192.168.2.1 192.168.2.2 em2 route add 0.0.0.0 192.168.1.1 ipfw add prob 0.5 allow ip from any to any out via em1 fwd 192.168.2.1 however, this would probabaly drop half of your packets if em1 went down, should theoreticaly work if em2 drops (because you still have a route to 192.168.2.1 via default route) if freebsd followed rfc 1112 this shouldn't be an issue (http://www.freebsd.org/cgi/query-pr.cgi?pr=57479) cheers, -- gus huber <gus@pbx.org> pbx labs On Sun, Jun 06, 2004 at 11:38:11AM -0700, Mitch (bitblock) wrote: > Hi Rene! > > That concept was recently suggested to me by a friend on another project - I > haven't had a chance to try it yet though - any pointers on a starter rule > set greatly appreciated... > > thanks. > > m/ > > > -----Original Message----- > > From: Rene de Vries [mailto:rene@canyon.xs4all.nl] > > Sent: Sunday, June 06, 2004 10:47 AM > > To: Mitch (bitblock) > > Cc: 'Joe Hamelin'; freebsd-isp@freebsd.org; David J. Hughes > > Subject: Re: 2 adsl connections load balancing with natd/ipfw > > > > > > Mitch, > > > > Why so complicated. > > > > Simply start two different natd instances one for each ADSL line. Make > > one of the ADSL lines the default route. Then based on the source > > address (just modified by natd) fast-route traffic which tries to leave > > via the default route over the wrong interface to the other interface's > > next hop (using ipfw). > > > > You could apply various methods of determining over which ADSL line the > > traffic will leave, e.g. source port, source address, dest address > > etc... > > > > This solution doesn't require provider assistance and would even work > > when you have two different providers. > > > > Ren? > > > > On May 26, 2004, at 2:59, Mitch (bitblock) wrote: > > > > > Hey David - didn't see your reply before I replied to Joe there - any > > > more > > > info appreciated - I have both ends of the solution (I think) - just > > > need to > > > know the best way to config! > > > > > > Consider these ip's and interfaces... what do I do? Is ISPF lighter > > > weight > > > than BGP (considering the limited deployment?) > > > > > > Client A <-----\ > > > X.X.X.2 \ > > > ----------> Router <-------------> > > > / / X.X.X.1 X.X.Y.2 > > > X.X.X.3 / / > > > Client B <-----/ / > > > <------/ > > > X.X.X.4 > > > > > > Router is FreeBSD based, and Client A and Client B are also FreeBSD > > > based, > > > and have a second interface to the internal networks at Client A and > > > Client > > > B. > > > > > > I'm wondering if my other problem (the fact that Client A can't see > > > Client B > > > as there is an ATM path for it to Router, but as Client B's addresses > > > are on > > > the same subnet, and not bounced off the Router (and there is no > > > direct ATM > > > path) there is no connection... > > > > > > Any help or advice greatly appreciated. > > > > > > Thanks. > > > > > > m/ > > > > > >> -----Original Message----- > > >> From: owner-freebsd-isp@freebsd.org > > >> [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of David J. Hughes > > >> Sent: Tuesday, May 25, 2004 4:08 PM > > >> To: 'Joe Hamelin'; freebsd-isp@freebsd.org > > >> Subject: RE: 2 adsl connections load balancing with natd/ipfw > > >> > > >> > > >> > > >> Actually, that isn't quite correct. You do not need a virtual IP > > >> address (such as an HSRP or VRRP setup). You just need equal cost > > >> paths from the ISP to you. > > >> > > >> To achieve this you will need to route an address range from your > > >> ISP to your network. It can be your address space, a small piece > > >> of ISP provided space, or even a chunk of private space. Just as > > >> long as it's routed from the ISP to you via the DSL tails. The > > >> ISP just needs to see equal cost paths to your prefix via BOTH > > >> your DSL tails. That way they will use both. > > >> > > >> There are several ways to do this (inc running eBGP or OSPF to them > > >> from your equipment). Have a chat with your ISP to see what options > > >> they would consider. > > >> > > >> > > >> David > > > > > > _______________________________________________ > > > freebsd-isp@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > > -- > > Ren? de Vries <rene@tunix.nl> > > Tunix Internet Security & Training > > > > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040607042216.GA86305>