Hello all,
I have couple more questions:
1. What is the best and quickest way to make one or two changes and
restart the shorewall so that a down ISP is removed from load
balancing and the live isp gets all the load?
2. We have a split dns and serve all outside requests for name resolution.
We have opened up the DNS port (53), but there are drops in the
shorewall log file.
Aug 6 06:03:16 homendatt Shorewall:net2all:DROP: IN=eth0 OUT=
MAC=00:03:47:08:d0:6a:00:00:c5:e4:d3:b0:08:00 SRC=202.96.136.204 DST=1.2.3.4
LEN=62 TOS=00 PREC=0x20 TTL=239 ID=25106 DF PROTO=UDP SPT=33308 DPT=53 LEN=42
.
.
Aug 6 06:04:36 homendatt Shorewall:net2all:DROP: IN=eth0 OUT=
MAC=00:03:47:08:d0:6a:00:00:c5:e4:d3:b0:08:00 SRC=81.26.128.2 DST=1.2.3.4
LEN=55 TOS=00 PREC=0x20 TTL=52 ID=59511 CE DF PROTO=UDP SPT=34618 DPT=53 LEN=35
But from two different (outside) networks, we are able get name resolution
and we don''t see any drops from these outside networks. Any idea what
could be causing the above drops?
Thanks
__
Seva
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
imap@adari.net wrote:> 1. What is the best and quickest way to make one or two changes and > restart the shorewall so that a down ISP is removed from load > balancing and the live isp gets all the load? >Simply set the ''optional'' option on both interfaces in /etc/shorewall/providers. Then you just hae to restart Shorewall.> 2. We have a split dns and serve all outside requests for name resolution. > We have opened up the DNS port (53), but there are drops in the > shorewall log file.Insufficient data to analyze the problem. We would need a Shorewall dump that included these log entries (generated since the last time that the Shorewall counters were reset). Or you could spend some time with Shorewall FAQ 17 and try to determine why you are seeing those messages. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
Quoting Tom Eastep <teastep@shorewall.net>:> imap@adari.net wrote: > > > 1. What is the best and quickest way to make one or two changes and > > restart the shorewall so that a down ISP is removed from load > > balancing and the live isp gets all the load? > > > > Simply set the ''optional'' option on both interfaces in > /etc/shorewall/providers. Then you just hae to restart Shorewall.I will yank a link and give this a try.> > 2. We have a split dns and serve all outside requests for name resolution. > > We have opened up the DNS port (53), but there are drops in the > > shorewall log file. > > Insufficient data to analyze the problem. We would need a Shorewall dump > that included these log entries (generated since the last time that the > Shorewall counters were reset). > > Or you could spend some time with Shorewall FAQ 17 and try to determine > why you are seeing those messages. >Ok, I will do some digging.> -TomThanks for your prompt responses! ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/