[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Redundant link in FreeBSD

To: Brian Candler <B.Candler at pobox.com>
Subject: Re: Redundant link in FreeBSD
From: antonio at nambu.uem.mz
Date: Wed, 30 Apr 2003 16:20:46 +0200
Cc: afnog at afnog.org
Content-description: Mail message body
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=US-ASCII
Delivered-To: afnog-archive at lists.eahd.or.ug
Delivered-To: afnog-outgoing at afnog.org
Delivered-To: afnog at afnog.org
In-reply-to: <20030430142402.A56934 at linnet.org>
References: <3EAF9F2D.5919.53E70C at localhost>; from antonio at nambu.uem.mz on Wed, Apr 30, 2003 at 10:02:21AM +0200
Sender: owner-afnog at afnog.org

Thanks Brian. I will try it as soon as I find someone to script for me 
the automated default route swing.

Cheers,



On 30 Apr 2003 at 14:24, Brian Candler wrote:

> On Wed, Apr 30, 2003 at 10:02:21AM +0200, antonio at nambu.uem.mz wrote:
> > Does anyone know whether it is possible to have a dial-up link 
> > setup on a freebsd machine which is acting as a proxy between a 
> > local network and an ISP connected by a leased line so that when 
> > the leased line fails the freebsd machine can automatically call 
> > through the dialup to the same ISP?
> ...
> > The FreeBSD machine is running NAT, has two network cards, is 
> > connected to the Internet via a leased line, it is FreeBSD 4.7.
> 
> My home machine used to do something very similar:
> 
>                             modem -//-> dialup
>                               |
>                     fxp0      |      fxp1
>     -------------------- FreeBSD Box ------------- DSL router ----> ISP
>      LAN/private IPs                  public IPs
> 
> My only concern was to provide continued Internet access to the LAN machines
> on private IPs if the DSL line failed; I made no attempt to reroute the
> public IPs. The dial-up account that I used was just a normal ISP account
> with a dynamic IP.
> 
> Essentially, you just configure NAT on both outbound interfaces (say fxp1
> and ppp0). With ipfw and userland ppp you end up with two separate NAT
> instances: natd for the ethernet, and userland ppp doing the NAT. Personally
> I find this sort of setup much easier with ipfilter, where you can configure
> NAT on multiple interfaces without ever having to mess with multiple natd
> instances.
> 
> So, packets which go out of ppp0 are NAT'd to ppp0's local address, and
> packets which go out of fxp1 are NAT'd to fxp1's IP address.
> 
> The only thing you need to do, then, is swing the default route
> appropriately. I left this as a manual process, because I did not want my
> phone line to be used while I was not around. However in principle you could
> ping (on fxp1) the IP address of the next-hop router at the ISP, with a TTL
> of 1. If this fails then you can remove defaultroute and bring up the ppp
> link. When it works again then you can kill ppp and put back the old
> defaultroute. So it needs a bit of scripting to be done automatically.
> 
> One note: with dynamic IPs, you need to run 'ipf -y' after the PPP interface
> has been brought up, to let ipfilter know about the interface IP address
> changes. You can put this in /etc/ppp/ip-up
> 
> Regards,
> 
> Brian.




-----
This is the afnog mailing list, managed by Majordomo 1.94.5

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org

References:
- Redundant link in FreeBSD
  - From: antonio at nambu.uem.mz
- Re: Redundant link in FreeBSD
  - From: Brian Candler <B.Candler at pobox.com>

Prev by Date: Re: Redundant link in FreeBSD
Next by Date: Re: BGP over satellite link - update!!
Prev by thread: Re: Redundant link in FreeBSD
Next by thread: Re: Network utility tools
Index(es):
- Date
- Thread