From owner-freebsd-questions@freebsd.org  Tue Feb 18 20:25:50 2020
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1BAAD245597
 for <freebsd-questions@mailman.nyi.freebsd.org>;
 Tue, 18 Feb 2020 20:25:50 +0000 (UTC)
 (envelope-from galtsev@kicp.uchicago.edu)
Received: from kicp.uchicago.edu (kicp.uchicago.edu [128.135.20.70])
 by mx1.freebsd.org (Postfix) with ESMTP id 48MXRc547xz4Tgw
 for <freebsd-questions@freebsd.org>; Tue, 18 Feb 2020 20:25:48 +0000 (UTC)
 (envelope-from galtsev@kicp.uchicago.edu)
Received: from point.uchicago.edu (point.uchicago.edu [128.135.52.6])
 (Authenticated sender: galtsev)
 by kicp.uchicago.edu (Postfix) with ESMTPSA id D44A84E684;
 Tue, 18 Feb 2020 14:25:47 -0600 (CST)
Subject: Re: Switching to backup Network
To: Doug Hardie <bc979@lafn.org>, FreeBSD <freebsd-questions@freebsd.org>
References: <64F39D12-E061-4726-B58E-943D61963944@mail.sermon-archive.info>
From: Valeri Galtsev <galtsev@kicp.uchicago.edu>
Message-ID: <50d6c0e2-8e70-0743-1e9c-f4c36847a015@kicp.uchicago.edu>
Date: Tue, 18 Feb 2020 14:25:47 -0600
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101
 Thunderbird/68.4.1
MIME-Version: 1.0
In-Reply-To: <64F39D12-E061-4726-B58E-943D61963944@mail.sermon-archive.info>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 48MXRc547xz4Tgw
X-Spamd-Bar: -
Authentication-Results: mx1.freebsd.org; dkim=none;
 dmarc=fail reason="No valid SPF, No valid DKIM" header.from=uchicago.edu
 (policy=none); 
 spf=none (mx1.freebsd.org: domain of galtsev@kicp.uchicago.edu has no SPF
 policy when checking 128.135.20.70) smtp.mailfrom=galtsev@kicp.uchicago.edu
X-Spamd-Result: default: False [-1.66 / 15.00]; ARC_NA(0.00)[];
 RCVD_VIA_SMTP_AUTH(0.00)[];
 DMARC_POLICY_SOFTFAIL(0.10)[uchicago.edu : No valid SPF, No valid DKIM,none]; 
 NEURAL_HAM_MEDIUM(-0.89)[-0.887,0]; FROM_HAS_DN(0.00)[];
 NEURAL_HAM_LONG(-1.00)[-0.995,0]; MIME_GOOD(-0.10)[text/plain];
 IP_SCORE(0.12)[ip: (0.34), ipnet: 128.135.0.0/16(0.17), asn: 160(0.13),
 country: US(-0.05)]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 TO_DN_ALL(0.00)[]; RCPT_COUNT_TWO(0.00)[2];
 RCVD_IN_DNSWL_NONE(0.00)[70.20.135.128.list.dnswl.org : 127.0.10.0];
 R_SPF_NA(0.00)[]; RCVD_NO_TLS_LAST(0.10)[];
 FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[];
 MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:160, ipnet:128.135.0.0/16, country:US];
 MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Feb 2020 20:25:50 -0000



On 2020-02-18 14:19, Doug Hardie wrote:
> One of my clients has a machine running 12.1 that is connected via two different NICs to two different WANs.  He has drops from 2 different ISPs to provide redundancy. I have configured each of the DNS names with both IP addresses so that web access will switch over to the backup when the primary is down.  Setfib and pf are used to make that work.  That works fine (although there is a DNS timeout involved).  The problem is that all the servers on the machine talk out via the primary IP address.  While web access continues, the server initiated functions fail because the next hop is down.  Is there a way to switch everything over to the backup network in this case?  I don't find anything that enables automatic changes to the default network.
> 
> Also, when the backup network goes down, the default network entry for setfib 1 route is deleted.  I have to manually enter that when it comes backup.  I am initially setting that in /etc/rc.local.  Is there a way to make it either remain, or be restored?
>

I would look into link aggregation (lagg):

  https://www.freebsd.org/doc/en/books/handbook/network-aggregation.html

I used that to make my FreeBSD laptop switch over from WiFi to ethernet 
interface when the last link is available. Worked neat for me.

Valeri

> -- Doug
> 
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
> 

-- 
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++