Multiple Upstreams

From: Mike Harrison 

I=92m looking for a fresh approach to something that I figure someone on th=
e list knows a better way. =

I=92m looking at a Linux system that has two live public IP=92s on it, from=
 different ISP=92s. both with a router feeding it. =

DNS round robins to both IP addresses. These two IP=92s belong to ISP's tha=
t cover 90% of the target population using this system, and that=92s not a =
lot of people. But having this system available is important. =

What I could do, and would have done many years ago, was add static routes =
for each gateway for that ISP=92s addresses, and have a script that periodi=
cally evaluates the routes out and would alter the static routes if one or =
the other ISP=92s connection goes down. We are only talking about a /16 or =
less on each route.. I=92d pick one of them as a default route with a prior=
ity weight for getting out of the country. =

I=92ve been studying up on things like =93Advanced Routing=94 like: =

As this is a small collection of servers, in a very small country, things l=
ike BGP and such just aren=92t available. Getting a solid connection and st=
atic IP=92s assigned was a serious trick. =

One thought was/is to put a pfSense box in front of these servers and use i=
t for some load connection balancing, but I=92m not even sure if that would=
 address the issue. =

Any thoughts from ya=92ll, or is my kludgy old school way still the way?


=============================================================== From: Dave Brockman ------------------------------------------------------ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm pretty sure you can do the load balance + gateway tracking for fail-over. I know during the 2.0-BETA phase a lot of that was b0rken pretty bad, but I believe it is all working as intended now. Regards, dtb - -- = "Some things in life can never be fully appreciated nor understood unless experienced firsthand. Some things in networking can never be fully understood by someone who neither builds commercial networking equipment nor runs an operational network." RFC 1925 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - iQEcBAEBAgAGBQJTf4njAAoJEMP+wtEOVbcdCAAIAJ+f+TWBHTdsiujP8rq1WRXq JbEQALW/u/m+Crtb6Swv/ASaZOQ6NQu48MLI27Xu96AzAcYJFzHdE9vyPL8/gbMy MsqjJ/Gdvq3laNQvGUDkzYCPif9/eBlOCBUCGIPHk7EYDdBh6HjAUxIz7qqJQnrs MQwk0L+xtOPXASxtYsuWXJGhOjJ9gBO9fSocpIqBJGqUwvIrESF9M63Z2Yn4hvSM w00f67a7REhcxK2naTgzJPyq9ShyJFtAeN2MmVYchEdOdwYid9R11oBS/wgLOrxV bAmGxabDrwLi1NAN/OHauiznxCobt5wSz4+zC3VzBPMdP6EZCnojympGJRoz1xc=3D =3Db30i -----END PGP SIGNATURE-----