From owner-freebsd-questions@freebsd.org Tue Feb 18 20:19:58 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EBF5E245264 for ; Tue, 18 Feb 2020 20:19:58 +0000 (UTC) (envelope-from SRS0=aCFo=4G=mail.sermon-archive.info=doug@sermon-archive.info) Received: from mail.sermon-archive.info (sermon-archive.info [71.177.216.148]) by mx1.freebsd.org (Postfix) with ESMTP id 48MXJs6JL4z4KZM for ; Tue, 18 Feb 2020 20:19:57 +0000 (UTC) (envelope-from SRS0=aCFo=4G=mail.sermon-archive.info=doug@sermon-archive.info) Received: from [10.0.1.251] (mini [10.0.1.251]) by mail.sermon-archive.info (Postfix) with ESMTPSA id 48MXJr081Yz2fjQV for ; Tue, 18 Feb 2020 12:19:56 -0800 (PST) From: Doug Hardie Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Switching to backup Network Message-Id: <64F39D12-E061-4726-B58E-943D61963944@mail.sermon-archive.info> Date: Tue, 18 Feb 2020 12:19:55 -0800 To: FreeBSD X-Mailer: Apple Mail (2.3445.104.11) X-Virus-Scanned: clamav-milter 0.101.4 at mail X-Virus-Status: Clean X-Rspamd-Queue-Id: 48MXJs6JL4z4KZM X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of SRS0=aCFo=4G=mail.sermon-archive.info=doug@sermon-archive.info designates 71.177.216.148 as permitted sender) smtp.mailfrom=SRS0=aCFo=4G=mail.sermon-archive.info=doug@sermon-archive.info X-Spamd-Result: default: False [-1.24 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-0.79)[-0.794,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:71.177.216.148]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; NEURAL_HAM_LONG(-1.00)[-0.997,0]; RCPT_COUNT_ONE(0.00)[1]; IP_SCORE(-0.05)[asn: 5650(-0.21), country: US(-0.05)]; TO_DN_ALL(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[148.216.177.71.list.dnswl.org : 127.0.10.0]; MV_CASE(0.50)[]; FORGED_SENDER(0.30)[bc979@lafn.org,SRS0=aCFo=4G=mail.sermon-archive.info=doug@sermon-archive.info]; RCVD_NO_TLS_LAST(0.10)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:5650, ipnet:71.177.216.0/23, country:US]; FROM_NEQ_ENVFROM(0.00)[bc979@lafn.org,SRS0=aCFo=4G=mail.sermon-archive.info=doug@sermon-archive.info]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Feb 2020 20:19:59 -0000 One of my clients has a machine running 12.1 that is connected via two = different NICs to two different WANs. He has drops from 2 different = ISPs to provide redundancy. I have configured each of the DNS names with = both IP addresses so that web access will switch over to the backup when = the primary is down. Setfib and pf are used to make that work. That = works fine (although there is a DNS timeout involved). The problem is = that all the servers on the machine talk out via the primary IP address. = While web access continues, the server initiated functions fail because = the next hop is down. Is there a way to switch everything over to the = backup network in this case? I don't find anything that enables = automatic changes to the default network. Also, when the backup network goes down, the default network entry for = setfib 1 route is deleted. I have to manually enter that when it comes = backup. I am initially setting that in /etc/rc.local. Is there a way = to make it either remain, or be restored? -- Doug