From: Sten Daniel Sørsdal
To: "Thomas Dwyer"
Subject: RE: Multi-Homed Routing
Date: Sat, 30 Aug 2003 05:07:46 +0200

>
> I have a FreeBSD box for hosting as well as a Gateway for a LAN.
>
> I have recently added a 2nd Internet source (for redundancy)
> and I want to know how to make FreeBSD choose a primary
> outbound internet source, and choose the other if the primary is down?

There has been lots of talk about this; most will suggest doing a BGP
solution. BGP would be the more correct way of doing it.
Automatic routing feeds usually cost money and then often lots of money.

To achieve BGP feeds for both ISPs you would need to (oversimplified):

1. Get an AS number, which are in great shortage, so it's a real pain and
   usually costs money, because you can't do it directly but have to go
   through someone who already has an AS number.
2. You need to apply for your own address range from your LIR.
3. Upgrade your connections to BGP peering connections at both your ISPs,
   which usually costs a lot more than your regular internet connections.
   You might have to hire or contract someone to configure this; make
   sure they are available after it's configured, because like everything
   else it breaks.
4. Quite possibly have to upgrade your server to handle 2 full BGP feeds
   and hire someone to manage it. (It -does- break, like everything else.)

Now all this sounds easy, but is virtually unattainable for anyone
but the ones with really deep pockets.

However, you could achieve almost the same effect by using a script to
check if both gateways are up, and if one goes down it automatically
changes the default route to the working ISP.
Then automatically adjust your DNS pointers to the new IP address(es).
Your public IP address(es) will change, and hence some people won't be
able to reach your site until their DNS's are updated.
Some people have caching DNS's that won't expire a record for a long time,
to not generate a lot of traffic, and won't reach your site at all.

If you are -lucky- and your ISPs suck (for not doing source filtering)
you could use both pipes for uploads but only one for download.
Consult the archives.

>
> Am I correct to assume that FreeBSD will automatically return
> incoming requests back through the interface that it arrived on?
>

Not necessarily; this is a routing issue in which you only control the
outgoing bit. In short, it will go where the routes point.
The routing/forwarding engine in FreeBSD works on a packet by packet
basis (afaik, and a general advantage if you ask me).

- Sten
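
The gateway-check script the reply describes could look like the sketch below. This is an added example, not part of the original message: the gateway addresses, the three-probe threshold and the function names are assumptions, and both gateways are assumed to sit on directly connected networks. The DNS update step mentioned in the reply is not covered.

```shell
#!/bin/sh
# Added example: default-route failover between two upstream gateways (FreeBSD).
# The gateway addresses are constructed placeholders from the RFC 5737 ranges.
PRIMARY_GW="${PRIMARY_GW:-192.0.2.1}"
BACKUP_GW="${BACKUP_GW:-198.51.100.1}"
FAIL_LIMIT="${FAIL_LIMIT:-3}"    # consecutive failed probes before failing over

# probe GW: one ICMP echo, 2 second timeout (FreeBSD ping flags); 0 = answered.
probe() {
    ping -c 1 -t 2 "$1" >/dev/null 2>&1
}

# next_count FAILS STATUS: reset the failure counter on success, else add one.
next_count() {
    if [ "$2" -eq 0 ]; then echo 0; else echo $(( $1 + 1 )); fi
}

# decide CURRENT PRIMARY_FAILS BACKUP_FAILS: print the gateway to route through.
decide() {
    if [ "$2" -eq 0 ]; then
        echo "$PRIMARY_GW"       # primary answers: use it, or fail back to it
    elif [ "$2" -ge "$FAIL_LIMIT" ] && [ "$3" -eq 0 ]; then
        echo "$BACKUP_GW"        # primary down long enough and backup answers
    else
        echo "$1"                # a single lost ping, or both down: no change
    fi
}

failover_loop() {
    current=$PRIMARY_GW; pfails=0; bfails=0
    while :; do
        probe "$PRIMARY_GW"; st=$?; pfails=$(next_count "$pfails" "$st")
        probe "$BACKUP_GW";  st=$?; bfails=$(next_count "$bfails" "$st")
        want=$(decide "$current" "$pfails" "$bfails")
        if [ "$want" != "$current" ]; then
            # Only record the switch if the kernel accepted the new route.
            if route change default "$want"; then
                current=$want
                logger -t gwfailover "default route now via $current"
            fi
        fi
        sleep 10
    done
}

# Run the loop only when asked to, so the functions can be sourced and tested.
if [ "${1:-}" = "run" ]; then failover_loop; fi
```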