Delivered-To: freebsd-questions@freebsd.org
From: "Chris McCluskey"
Subject: How do I do I decide the best route between two gateways
Date: Sat, 13 Jul 2002 07:58:16 -0700

I have a FreeBSD firewall box and attached to it are two external gateways (one from a DSL connection, the other from a T1). Basically I want the T1 link to be the primary link (the default gateway) for the LAN, but I would like to use the DSL link as a failover link. I also have legacy services that require the DSL connection (as I'm not prepared to move those services over to the T1 at this time).

In doing some research it looks like routed is the way to go, but it doesn't look like I'm getting any RIP or IRDP messages back from the gateways (even though I have explicitly allowed UDP 520, all ICMP traffic, and IGMP through the firewall to be safe [or unsafe as the case may be]) -- at least I see no evidence of this (netstat shows no new gateways and routed -t just shows the repopulation of the local subnet routes). Are there other better options?

One of the main problems I'm having is that to get data to flow over the T1 circuit, I have to change the static default route from the DSL connection to the T1. This is fine since all connections on the T1 then operate as expected. But after switching the default gateway, the incoming connections (for example, SMTP) no longer work. In taking a look at the firewall rules, the packet is successfully received, but lacks a valid route back out of the system. The same thing happens in reverse: if I switch the default route from the T1 to the DSL, the DSL connections work fine, but then requests to the T1 fail due to a lack of a good route.

Any ideas? Thanks.