Shorewall users - Nov 2010 - Can I use shorewell stuff for my problem

Hi all, Im new to shorewell, can anyone guide me whether I can use 
shorewell for my work. 
I have a requirement in our work:
Each system  shall have two Ethernet card interfaces(system means hardware 
devices, servers, clients in other words any device or host used in the 
project). The IP address of each interface will be of different networks, 
subnets and gateways completely. Bcoz if one of the Ethernet interface is 
down, system should take the other interface that is connected to 
different network.
One of my requirement is that I should not use any external hardware or 
should not have switch support. Can you please guide me whether I can use 
shorewell for my situation.. 
Please help me it is very urgent to be solved.


Thanks and Regards 
Mahesh Gupta.B

L&T EmSyS Proprietary 
L&T EmSyS Confidential 
L&T EmSyS Internal Use 
L&T EmSyS General Business 


------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

On 11/8/10 5:52 AM, Mahesh B Gupta wrote:
> 
> Hi all, Im new to shorewell, can anyone guide me whether I can use
> shorewell for my work.
> I have a requirement in our work:
> Each system  shall have two Ethernet card interfaces(system means
> hardware devices, servers, clients in other words any device or host
> used in the project). The IP address of each interface will be of
> different networks, subnets and gateways completely. Bcoz if one of the
> Ethernet interface is down, system should take the other interface that
> is connected to different network.
> One of my requirement is that I should not use any external hardware or
> should not have switch support. Can you please guide me whether I can
> use shorewell for my situation..
Shorewall can provide that capability for the Linux systems in the
project. See http://www.shorewall.net/MultiISP.html.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

Thanks for the reply, can you please confirm me. after reading the 
documentation I have understood that the Shorewall is used as in routers. 
Also I understand that Shorewall does the switching between two ISPs and 
give the packets to the internal LAN. And the routers require two ethernet 
cards+1card for the local LAN. but for my situation I have only two cards 
in each system. Can you please tell whether my understanding is wrong. 
Please find the image below. I need to find the solution for redundant 
network handling, where if one ethernet card is removed the respective 
device should be able to communicate using the other interface. I have 
used bonding method but that is used only if all the systems are in the 
same network, so the bonding solution is ruled out.
As the Shorewall is very big one to study and implement, if it doesn''t 
work as a solution for my project , can you please suggest for some other 
solutions. 
If you want any understanding about the work, I will give even more 
clarification please I need this very badly. Please help me I have very to 
complete this stuff :(






Thanks and Regards 
Mahesh Gupta.B

L&T EmSyS Proprietary 
L&T EmSyS Confidential 
L&T EmSyS Internal Use 
L&T EmSyS General Business 




Tom Eastep <teastep@shorewall.net> 
11/08/2010 08:06 PM
Please respond to
Shorewall Users <shorewall-users@lists.sourceforge.net>


To
shorewall-users@lists.sourceforge.net
cc

Subject
Re: [Shorewall-users] Can I use shorewell stuff for my problem






On 11/8/10 5:52 AM, Mahesh B Gupta wrote:
> 
> Hi all, Im new to shorewell, can anyone guide me whether I can use
> shorewell for my work.
> I have a requirement in our work:
> Each system  shall have two Ethernet card interfaces(system means
> hardware devices, servers, clients in other words any device or host
> used in the project). The IP address of each interface will be of
> different networks, subnets and gateways completely. Bcoz if one of the
> Ethernet interface is down, system should take the other interface that
> is connected to different network.
> One of my requirement is that I should not use any external hardware or
> should not have switch support. Can you please guide me whether I can
> use shorewell for my situation..
Shorewall can provide that capability for the Linux systems in the
project. See http://www.shorewall.net/MultiISP.html.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users





------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

On 11/9/10 1:24 AM, Mahesh B Gupta wrote:
> 
> Thanks for the reply, can you please confirm me. after reading the 
> documentation I have understood that the Shorewall is used as in 
> routers.
It can also me used on a standalone host.
> Also I understand that Shorewall does the switching between two ISPs
> and give the packets to the internal LAN. And the routers require two
> ethernet cards+1card for the local LAN. but for my situation I have 
> only two cards in each system. Can you please tell whether my 
> understanding is wrong.
Again, Shorewall can be used on a standalone system with two ethernet
cards going to two different networks.
> Please find the image below. I need to find the solution for
> redundant network handling, where if one ethernet card is removed the
> respective device should be able to communicate using the other
> interface.
The diagram that you show will work right out of the box with no extra
software at all.

What Shorewall (together with LSM) can add is that it allows there to be
a default route through each of the networks. This allows for internet
access even when one of the links is down.
> I have used bonding method but that is used only if all the systems
> are in the same network, so the bonding solution is ruled out. As the
> Shorewall is very big one to study and implement, if it doesn''t
work
> as a solution for my project , can you please suggest for some other
> solutions. If you want any understanding about the work, I will give
> even more clarification please I need this very badly. Please help me
> I have very to complete this stuff :(
Shorewall will work, provided that all of the hosts run Linux.

The configuration is pretty simple; something like:

/etc/shorewall/config

...
USE_DEFAULT_RT=Yes
...

/etc/shorewall/zones

fw	firewall
net	ipv4

/etc/shorewall/interfaces

net	eth0	-	optional
net	eth1	-	optional

/etc/shorewall/policy

all	all		ACCEPT #No firewall at all

/etc/shorewall/providers

LAN1	1	-	eth0	<gw IP address>		balance,track
LAN2	2	-	eth1	<gw IP address>		balance,track

The above configuration will roughly balance outgoing internet
connections between the two gateways.

Now configure LSM and you are done.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

Hi Tom, thanks for the detailed explanation.. Im working to make the 
things work.. 
Now I have got another project it is also same stuff but 
in the new one.. we have a bit different stuff. 

We have two ethernet cards, where the data should be sent to two ethernet 
cards all the time to provide 200% data. if one is dropped other shall be 
used with 100%data rate. I understood from your explanation that.. we can 
route all the data to both the interfaces with the configuration file "
/etc/shorewall/providers". 
But while receiving the data Im sure I will get the duplicate packets, so 
can you please tell me whether your shorewall can be used in this 
situation to discards the duplicate packets while receiving.

So I can use your stuff in both the projects... 

Thanks and Regards



Thanks and Regards 
Mahesh Gupta.B

L&T EmSyS Proprietary 
L&T EmSyS Confidential 
L&T EmSyS Internal Use 
L&T EmSyS General Business 




Tom Eastep <teastep@shorewall.net> 
11/09/2010 11:19 PM
Please respond to
Shorewall Users <shorewall-users@lists.sourceforge.net>


To
shorewall-users@lists.sourceforge.net
cc

Subject
Re: [Shorewall-users] Can I use shorewell stuff for my problem






On 11/9/10 1:24 AM, Mahesh B Gupta wrote:
> 
> Thanks for the reply, can you please confirm me. after reading the 
> documentation I have understood that the Shorewall is used as in 
> routers.
It can also me used on a standalone host.
> Also I understand that Shorewall does the switching between two ISPs
> and give the packets to the internal LAN. And the routers require two
> ethernet cards+1card for the local LAN. but for my situation I have 
> only two cards in each system. Can you please tell whether my 
> understanding is wrong.
Again, Shorewall can be used on a standalone system with two ethernet
cards going to two different networks.
> Please find the image below. I need to find the solution for
> redundant network handling, where if one ethernet card is removed the
> respective device should be able to communicate using the other
> interface.
The diagram that you show will work right out of the box with no extra
software at all.

What Shorewall (together with LSM) can add is that it allows there to be
a default route through each of the networks. This allows for internet
access even when one of the links is down.
> I have used bonding method but that is used only if all the systems
> are in the same network, so the bonding solution is ruled out. As the
> Shorewall is very big one to study and implement, if it doesn''t
work
> as a solution for my project , can you please suggest for some other
> solutions. If you want any understanding about the work, I will give
> even more clarification please I need this very badly. Please help me
> I have very to complete this stuff :(
Shorewall will work, provided that all of the hosts run Linux.

The configuration is pretty simple; something like:

/etc/shorewall/config

...
USE_DEFAULT_RT=Yes
...

/etc/shorewall/zones

fw               firewall
net              ipv4

/etc/shorewall/interfaces

net              eth0            -               optional
net              eth1            -               optional

/etc/shorewall/policy

all              all                             ACCEPT #No firewall at 
all

/etc/shorewall/providers

LAN1             1               -               eth0            <gw IP 
address>                                 balance,track
LAN2             2               -               eth1            <gw IP 
address>                                 balance,track

The above configuration will roughly balance outgoing internet
connections between the two gateways.

Now configure LSM and you are done.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users




------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

On 11/9/10 8:38 PM, Mahesh B Gupta wrote:
> 
> Hi Tom, thanks for the detailed explanation.. Im working to make the
> things work..
> Now I have got another project it is also same stuff but
> in the new one.. we have a bit different stuff.
> 
> We have two ethernet cards, where the data should be sent to two
> ethernet cards all the time to provide 200% data.
I have no idea how to do that (or why one would want to).

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

<I have no idea how to do that (or why one would want to)>

Hi, Thanks for the reply. Yes you are rite.. but my client want the 
solution for this method.
I don''t know where to get a solution. 
Even I think it is a ridiculous idea, what to do.. 


Thanks and Regards 
Mahesh Gupta.B

L&T EmSyS Proprietary 
L&T EmSyS Confidential 
L&T EmSyS Internal Use 
L&T EmSyS General Business 




Tom Eastep <teastep@shorewall.net> 
11/10/2010 10:42 AM
Please respond to
Shorewall Users <shorewall-users@lists.sourceforge.net>


To
shorewall-users@lists.sourceforge.net
cc

Subject
Re: [Shorewall-users] Can I use shorewell stuff for my problem






On 11/9/10 8:38 PM, Mahesh B Gupta wrote:
> 
> Hi Tom, thanks for the detailed explanation.. Im working to make the
> things work..
> Now I have got another project it is also same stuff but
> in the new one.. we have a bit different stuff.
> 
> We have two ethernet cards, where the data should be sent to two
> ethernet cards all the time to provide 200% data.
I have no idea how to do that (or why one would want to).

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users




------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

On 10/11/2010 13:55, Mahesh B Gupta wrote:
>
> <I have no idea how to do that (or why one would want to)>
>
> Hi, Thanks for the reply. Yes you are rite.. but my client want the
> solution for this method.
> I don''t know where to get a solution.
> Even I think it is a ridiculous idea, what to do..
Tell them it''s ridiculous.

This is part of *your* job to give good advice to your customers.

If they don''t listen to you and implement bloated solutions, fine.
Their
fault.

------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

On 10/11/2010 04:38, Mahesh B Gupta wrote:
> We have two ethernet cards, where the data should be sent to two 
> ethernet cards all the time to provide 200% data. if one is dropped 
> other shall be used with 100%data rate. I understood from your 
> explanation that.. we can route all the data to both the interfaces 
> with the
You are talking about ethernet bonding, which is quite possible with 
both Windows and Linux, but the implementation varies considerably. It 
is also outside the scope of this mailing list. Google is your friend here.

Regards

ruth


------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

On 11/10/10 7:38 AM, Ruth Ivimey-Cook wrote:
> On 10/11/2010 04:38, Mahesh B Gupta wrote:
>> We have two ethernet cards, where the data should be sent to two
>> ethernet cards all the time to provide 200% data. if one is dropped
>> other shall be used with 100%data rate. I understood from your
>> explanation that.. we can route all the data to both the interfaces
>> with the
> 
> You are talking about ethernet bonding, which is quite possible with
> both Windows and Linux, but the implementation varies considerably. It
> is also outside the scope of this mailing list. Google is your friend here.
I''m under the impression that bonding only sends packets over a single
link, rather than all links. I agree that bonding is a logical solution
to this problem but it is not quite what Mahesh''s customer is asking
for.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

On 10/11/2010 17:25, Tom Eastep wrote:
> On 11/10/10 7:38 AM, Ruth Ivimey-Cook wrote:
>> On 10/11/2010 04:38, Mahesh B Gupta wrote:
>>> We have two ethernet cards, where the data should be sent to two
>>> ethernet cards all the time to provide 200% data. if one is dropped
>>> other shall be used with 100%data rate. I understood from your
>>> explanation that.. we can route all the data to both the interfaces
>>> with the
>> You are talking about ethernet bonding, which is quite possible with
>> both Windows and Linux, but the implementation varies considerably. It
>> is also outside the scope of this mailing list. Google is your friend
here.
> I''m under the impression that bonding only sends packets over a
single
> link, rather than all links. I agree that bonding is a logical solution
> to this problem but it is not quite what Mahesh''s customer is
asking for.
Perhaps I have misunderstood the need, but with bonding, you use the 
bandwidth of two links to achieve twice the maximum data rate of one 
link. If the requirement is to send the same packets over multiple 
ethernet links, duplicating the streams, then bonding isn''t the 
solution, but I don''t know of any potted solution that will do this: it
is of course possible, but I strongly suspect that kernel coding is 
needed. And why would this be good?

Back on bonding, for any individual packet it will only use one link, 
but overall, both are used at once. A possible implementation would be 
to send even-numbered packets over link1 and odd-numbered over link2, 
although that is very simplistic. Bonded links are usually be bonded at 
both ends in the same way.

See: http://en.wikipedia.org/wiki/Channel_bonding

Most implementations of bonding result in a new virtual network 
interface being created and at least an implication that the component 
interfaces must not be used independently. You can therefore use 
shorewall etc on top of the result without needing to know that it is 
bonded, which is why I said it was out of the scope of the list.

One flaw of bonding is that there is an assumption that the computer has 
the capacity to use and benefit from the additional bandwidth, which is 
not necessarily true. For example, a 100Mbps link running on PCI boards 
is nearly capable of saturating the processor''s PCI bus, and adding new
PCI boards will not help unless they live on alternate bus. Similarly, 
CPU and disk performance is likely to be more limiting to throughput 
than the speed of a 1Gbps link - my own setup uses PCI-e and 1Gps links 
thoughout and cannot saturate it even with very fast CPUs and disk at 
both ends. Use of highly tuned hardware and software can overcome this 
to some degree but the tuning should come first, and bonding is just one 
minor part of that. [Of course, if you''re bonding something as slow as
a
modem line then these concerns are unfounded.]

HTH,

Ruth



------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

On 11/10/10 10:56 AM, Ruth Ivimey-Cook wrote:

<Excellent description of bonding>

Thanks, Ruth. You have confirmed my understanding of bonding, it''s
features and its limitations.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
The Next 800 Companies to Lead America''s Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev

On 11/11/2010 12:10 AM, Tom Eastep wrote:
> On 11/10/10 10:56 AM, Ruth Ivimey-Cook wrote:
>
> <Excellent description of bonding>
>
> Thanks, Ruth. You have confirmed my understanding of bonding, it''s
> features and its limitations.
>
> -Tom
>
I''ve been reading this for a while and have hard time to understand
what
"stupid if I may" managers and IT stuff say to each other in order to 
make sure that  a project will fail.
Since I''ve been in the corporate world for a few decades I must say
that
no manager will take the blame and all I can see is 2 victims.
a ) the Project
b) the Technician,
The sort managers answer will be "I am no Technician" no matter how 
stubborn or stupid he acted with this.

Back to the technical stuff.

The right way to do "bonding"

Ingredients:
a) On each linux server attach a number of nics desired,
b) for each nic in that participates in bonding make sure that you have 
a free port on an appropriate switch ( depending ) on the configuration.

Decide what kind of bonding is required according to this simple
"howto"
after making sure your switch will support it.

http://www.enterprisenetworkingplanet.com/nethub/article.php/3697756
( Sorry no windows info here )

After all of these are set and done,

Back to  shorewall ( if required since I am not so sure )

2 solutions here

Either shorewall will be configured
a) with Vlans "no problem here" ( and the switch will take care of
that )
      For instance ( vlan10  = dmz zone , vlan20 = local lan zone , 
vlan30 = ISP1 router , vlan40 = isp2 router )

b) or with the interface bond0 or what ever it might be "No problem here 
also".

c) or with a mix of both.

End of story
--------------------------------------------------------------------------------------------------------
No dual networks no dual ips no ridiculous  configs.

In all my configs that I had  to use bonding I prefered the official 
"802.3ad" or 4 mode and vlans.

Hope this helps ...
Still you have to do a lot of Reading and research ...

Regards
Harry.

HINTS
a) Switches with the "802.3ad" tend to be more expensive
b) Not all switches that claim to support "802.3ad" do so, I once came
across a 3com switch that claimed this only to find out latter somewhere 
hidden that it does as long as the other part across is a 3com brother 
switch !!!! So once you decide to go this way buy an upper market value 
switch ( :-P after persuading your Manager lol )

Bonding modes "balance-tlb or 5" and "balance-alb or 6"
claim that no
special config on the switch is required and look sexy *but* never tried 
them in a production env if you use this make sure you give ping some 
time before the switches overcome their initial embarrassment :-)







------------------------------------------------------------------------------
Centralized Desktop Delivery: Dell and VMware Reference Architecture
Simplifying enterprise desktop deployment and management using
Dell EqualLogic storage and VMware View: A highly scalable, end-to-end
client virtualization framework. Read more!
http://p.sf.net/sfu/dell-eql-dev2dev

On 11/10/2010 10:08 AM, Mahesh B Gupta wrote:
>
> We have two ethernet cards, where the data should be sent to two 
> ethernet cards all the time to provide 200% data. if one is dropped 
> other shall be used with 100%data rate.
You can do this using bonding. Bonding mode 3 provides this functionality.

 From the kernel docs :

broadcast or 3
   Broadcast policy: transmits everything on all slave interfaces.  This 
mode provides fault tolerance.

-- Raghu


------------------------------------------------------------------------------
Centralized Desktop Delivery: Dell and VMware Reference Architecture
Simplifying enterprise desktop deployment and management using
Dell EqualLogic storage and VMware View: A highly scalable, end-to-end
client virtualization framework. Read more!
http://p.sf.net/sfu/dell-eql-dev2dev

Ya Raghu.. u r rite... But after bonding the system will have only one IP 
address, but I have to keep two ip address for the 2 NICs.. 

Thanks and Regards 
Mahesh Gupta.B

L&T EmSyS Proprietary 
L&T EmSyS Confidential 
L&T EmSyS Internal Use 
L&T EmSyS General Business 




Raghu <raghusiddarth@gmail.com> 
11/12/2010 08:11 AM
Please respond to
Shorewall Users <shorewall-users@lists.sourceforge.net>


To
shorewall-users@lists.sourceforge.net
cc

Subject
Re: [Shorewall-users] Can I use shorewell stuff for my problem






On 11/10/2010 10:08 AM, Mahesh B Gupta wrote: 

We have two ethernet cards, where the data should be sent to two ethernet 
cards all the time to provide 200% data. if one is dropped other shall be 
used with 100%data rate.

You can do this using bonding. Bonding mode 3 provides this functionality.
>From the kernel docs :
broadcast or 3
  Broadcast policy: transmits everything on all slave interfaces.  This 
mode provides fault tolerance.

-- Raghu
------------------------------------------------------------------------------
Centralized Desktop Delivery: Dell and VMware Reference Architecture
Simplifying enterprise desktop deployment and management using
Dell EqualLogic storage and VMware View: A highly scalable, end-to-end
client virtualization framework. Read more!
http://p.sf.net/sfu/dell-eql-dev2dev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users



------------------------------------------------------------------------------
Centralized Desktop Delivery: Dell and VMware Reference Architecture
Simplifying enterprise desktop deployment and management using
Dell EqualLogic storage and VMware View: A highly scalable, end-to-end
client virtualization framework. Read more!
http://p.sf.net/sfu/dell-eql-dev2dev

On 11/14/10 7:21 PM, Mahesh B Gupta wrote:
> 
> Ya Raghu.. u r rite... But after bonding the system will have only one
> IP address, but I have to keep two ip address for the 2 NICs..
Why?

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
Centralized Desktop Delivery: Dell and VMware Reference Architecture
Simplifying enterprise desktop deployment and management using
Dell EqualLogic storage and VMware View: A highly scalable, end-to-end
client virtualization framework. Read more!
http://p.sf.net/sfu/dell-eql-dev2dev