Hi, I''ve read the documentation and I''m aware that automatic FOver is not possible. So for me will be preferable to create a script checking i-net and changing default route. But will this break Shorewall? I''m using v 3.2.0. I have ADSL connection ppp0 and a friend with Cable I-net (willing to give me access to his network just for fail over) on eth2. Any suggestions or additional info required? Thanks in advance ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Hristo Benev wrote:> Hi, > > I''ve read the documentation and I''m aware that automatic FOver is not > possible. > > So for me will be preferable to create a script checking i-net and > changing default route. > But will this break Shorewall? > > I''m using v 3.2.0. > I have ADSL connection ppp0 and a friend with Cable I-net (willing to > give me access to his network just for fail over) on eth2. > > Any suggestions or additional info required? >Just define both ppp0 and eth2 as ''net'' interfaces in /etc/shorewall/interfaces and do not use any of Shorewall''s MultiISP features. I also recommend setting a net->net DROP policy. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Tom Eastep wrote:> Hristo Benev wrote: > >> Hi, >> >> I''ve read the documentation and I''m aware that automatic FOver is not >> possible. >> >> So for me will be preferable to create a script checking i-net and >> changing default route. >> But will this break Shorewall? >> >> I''m using v 3.2.0. >> I have ADSL connection ppp0 and a friend with Cable I-net (willing to >> give me access to his network just for fail over) on eth2. >> >> Any suggestions or additional info required? >> >> > > Just define both ppp0 and eth2 as ''net'' interfaces in /etc/shorewall/interfaces > and do not use any of Shorewall''s MultiISP features. I also recommend setting a > net->net DROP policy. > > -Tom > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > ------------------------------------------------------------------------ > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >Any changes in NAT required currently only ppp0 is listed in /etc/shorewall/masq Should I add eth2 there? Will just changing default route enough? Thank you -- Hristo Benev IT Manager WAVEROAD Partners in Telecommunications 514-935-2020 x225 T 514-935-1001 F www.waveroad.ca hristo.benev@waveroad.ca ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Hristo Benev wrote:> Tom Eastep wrote: >> Hristo Benev wrote: >> >>> Hi, >>> >>> I''ve read the documentation and I''m aware that automatic FOver is not >>> possible. >>> >>> So for me will be preferable to create a script checking i-net and >>> changing default route. >>> But will this break Shorewall? >>> >>> I''m using v 3.2.0. >>> I have ADSL connection ppp0 and a friend with Cable I-net (willing to >>> give me access to his network just for fail over) on eth2. >>> >>> Any suggestions or additional info required? >>> >>> >> Just define both ppp0 and eth2 as ''net'' interfaces in /etc/shorewall/interfaces >> and do not use any of Shorewall''s MultiISP features. I also recommend setting a >> net->net DROP policy.> Any changes in NAT required currently only ppp0 is listed in > /etc/shorewall/masq > Should I add eth2 there? > Will just changing default route enough?You will also need another entry in /etc/shorewall/masq as you describe unless your friend''s routing will be doing the NAT for you. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642