Date: Thu, 20 Mar 2003 07:34:28 +0100 From: "Arie J. Gerszt" <arie@gerszt.ch> To: "Domain Administrator" <domainadmin@3tec.com>, <freebsd-isp@FreeBSD.ORG>, <freebsd-question@FreeBSD.ORG> Subject: AW: Multiple Internet connection with failover/load-balancing Message-ID: <FEEHKMHBPPGLAPHJCDIIMEIKCFAA.arie@gerszt.ch> In-Reply-To: <20030320010036.P2559-100000@ns1.3tec.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Mike
I tried it, am still trying it (low priority task) and still did not achieve
it.
It is hard and very complex. I found some products which could do it. The
least
costly (don't know how well) is the Nexland Turbo Pro or so router, which is
meant to do just that. Search their website, you'll see.
I was contacted by a company which sells a software doing that too. Price
with
a box is approx. 10k USD, so quite expensive. But they have a GUI, which
makes
life for administrators sometimes easier.
The biggest problem seems to detect the failure of one link. Ie. if you have
your freebsd box with 3 NICs, nic1 -> isp1 via cable; nic2 -> isp2 via adsl;
nic3 -> to your lan or whatever.
Both ISPs will have some CPE at your location, probably your adsl modem and
the
cable tv modem.
If now one link fails, say the cable link, this will have in 99.9% of the
cases
no impact between your cable modem and your freebsd box, so the link between
the freebsd box and your CPE of the cable isp will stay up. That's the hard
trick now, to detect, that the cable link has failed.
Some products, as Radware's Linkproof, have own algorithms to track such a
failure
down.
A basic load sharing with no failover redundance can be made (to what I
under-
stand) by adding 2 default routes, with the same metric. But that is not all
you'd
want or need.
Just technically speaking, I think you could do that:
- box with 3 nics
- nat and 2 default routes
- cron job, which runs every 10secs which detects a link fail --> remove
the
appropriate route from the routing table.
Ok, now you have a failover box. But you still have your single point of
failure, it's
the freebsd box itself. Ok, now you could come up with some heartbeat or
other HA
full clustered solution.
In the end, you buy so much hardware and you'd use so much time, that it
might me simplier,
hassle-free and just cheaper, to buy a 10k USD box, even if you might find a
cheaper one
on ebay et al.
Regards
Arie
-----Ursprungliche Nachricht-----
Von: owner-freebsd-isp@FreeBSD.ORG
[mailto:owner-freebsd-isp@FreeBSD.ORG]Im Auftrag von Domain
Administrator
Gesendet: Donnerstag, 20. Marz 2003 07:24
An: freebsd-question@FreeBSD.ORG; freebsd-isp@FreeBSD.ORG
Betreff: Multiple Internet connection with failover/load-balancing
Hello all,
We've been offering commercial Internet failover/load-balancing products
to our clients, but we occasionally receive requests by some clients
to provide less costly solution. While full redundancy for both
inbound and outbound traffic will require BGP or OSPF, these clients
simply wish to join multiple Internet connections (DSL, ISDN or T1) from
different providers to gain failover capability should one of their
links failed. Without ISPs' support, this type of redundancy only applies
to outbound traffic, but that will suffice the clients' requirements
already.
I searched through the mailing lists and forums but found only very
limited resources on how to accomplish such gateway/firewall setup using
FreeBSD (or other BSD). It seeems for this type of setup requires
running of multiple NAT daemons. Has anyone done something like this? or
point me to any HOW-TOs?
Thank you all for your input.
Mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FEEHKMHBPPGLAPHJCDIIMEIKCFAA.arie>