From owner-freebsd-questions@freebsd.org Wed Feb 19 04:47:26 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A0B0524EEDE for ; Wed, 19 Feb 2020 04:47:26 +0000 (UTC) (envelope-from kremels@kreme.com) Received: from mail.covisp.net (mail.covisp.net [65.121.55.42]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48MlZM6cQHz4Fvh for ; Wed, 19 Feb 2020 04:47:22 +0000 (UTC) (envelope-from kremels@kreme.com) From: "@lbutlr" Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: Switching to backup Network Date: Tue, 18 Feb 2020 21:47:19 -0700 References: <64F39D12-E061-4726-B58E-943D61963944@mail.sermon-archive.info> To: FreeBSD In-Reply-To: <64F39D12-E061-4726-B58E-943D61963944@mail.sermon-archive.info> Message-Id: <44376A6C-558A-4399-A64E-4007612997B4@kreme.com> X-Mailer: Apple Mail (2.3608.60.0.2.5) X-Rspamd-Queue-Id: 48MlZM6cQHz4Fvh X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of kremels@kreme.com designates 65.121.55.42 as permitted sender) smtp.mailfrom=kremels@kreme.com X-Spamd-Result: default: False [-0.25 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.80)[-0.796,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx:c]; MISSING_MIME_VERSION(2.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DMARC_NA(0.00)[kreme.com]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.990,0]; IP_SCORE(-0.07)[ip: (-0.24), ipnet: 65.112.0.0/12(-0.00), asn: 209(-0.04), country: US(-0.05)]; TO_DN_ALL(0.00)[]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:209, ipnet:65.112.0.0/12, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[42.55.121.65.list.dnswl.org : 127.0.5.1] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Feb 2020 04:47:26 -0000 On 18 Feb 2020, at 13:19, Doug Hardie wrote: > One of my clients has a machine running 12.1 that is connected via two = different NICs to two different WANs. He has drops from 2 different = ISPs to provide redundancy. I have configured each of the DNS names with = both IP addresses so that web access will switch over to the backup when = the primary is down. Setfib and pf are used to make that work. That = works fine (although there is a DNS timeout involved). The problem is = that all the servers on the machine talk out via the primary IP address. = While web access continues, the server initiated functions fail because = the next hop is down. Is there a way to switch everything over to the = backup network in this case? I don't find anything that enables = automatic changes to the default network. When we had dual drops, we had a router/switch that managed the link = bonding, including routing when one connection went down. This seems the = best way to do this, but then again we had multiple machines. --=20 "Are you pondering what I'm pondering?" "I think so, Brain, but instant karma's always so lumpy.=E2=80=9D