
Re: [LARTC] Redundant internet connections.

To: Mail List - Linux Advanced Routing and Traffic Control <lartc@mailman.ds9a.nl>
Subject: Re: [LARTC] Redundant internet connections.
From: Grant Taylor <gtaylor@riverviewtech.net>
Date: Thu, 21 Jun 2007 10:52:44 -0500
In-reply-to: <467A9AB1.4090902@rabbit.us>
Organization: Riverview Technologies Inc.
References: <467A2354.1070805@riverviewtech.net> <467A9AB1.4090902@rabbit.us>
Reply-to: gtaylor+reply@riverviewtech.net

On 06/21/07 10:35, Peter Rabbitson wrote:
> I don't know about any working in-kernel solutions, but you can do it trivially with netfilter and a cronjob:

<snip>

If I understand what you are proposing correctly, it looks like you are jumping to a sub-chain used only for counting traffic. If the counters show traffic, you are saying that traffic is flowing across the link and thus the link must be up and functional. Right?

If the link is not up and functional then take action to not use that link.

I'm also not clearly understanding how matching the source IP will work on either link considering that both links will have the capability to pass traffic for the same globally routable DMZ subnet. Though I think this could be mitigated by altering the rules to count packets going out or coming in an interface rather than based on source / destination IP.

> Of course you can have up to 1 minute of downtime, but it does not look so bad IMO.

One minute may or may not be bad. I know that it is a long time (when you are trying to ssh) but automatic failover is better than manual. And the one minute will probably be much faster than manual failover.



Grant. . . .
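
The interface-based counting suggested in the message above, as an added example that is not part of the original post or either poster's code: it compares two saved `iptables-save -c` snapshots and reports uplinks whose inbound packet counter did not advance. The chain name `LINKCOUNT`, the interfaces `eth1`/`eth2` and the sample snapshots are assumptions constructed for illustration.

```shell
#!/bin/sh
# Hypothetical setup (names are assumptions): one counting rule per uplink.
#   iptables -t mangle -N LINKCOUNT
#   iptables -t mangle -A PREROUTING -j LINKCOUNT
#   iptables -t mangle -A LINKCOUNT -i eth1 -j RETURN
#   iptables -t mangle -A LINKCOUNT -i eth2 -j RETURN
# A cron job would save `iptables-save -c -t mangle` once per run.

# stalled_links PREV CUR: print each interface whose inbound packet counter
# did not advance between two saved snapshots.
stalled_links() {
    awk -v prev="$1" '
        $2 != "-A" || $3 != "LINKCOUNT" { next }   # only our counting rules
        {
            split(substr($1, 2), c, ":")           # "[pkts:bytes]" -> c[1]
            iface = ""
            for (i = 4; i < NF; i++) if ($i == "-i") iface = $(i + 1)
            if (iface == "") next
            if (FILENAME == prev) { old[iface] = c[1] + 0; next }
            cur = c[1] + 0
            # A counter lower than before means the rules were reloaded;
            # treat the new value as the whole delta.
            delta = (cur >= old[iface] + 0) ? cur - old[iface] : cur
            if (delta == 0) print iface
        }' "$1" "$2"
}

# demo: run the check on two constructed snapshots (not real captures).
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/prev" <<'EOF'
*mangle
:PREROUTING ACCEPT [9000:720000]
:LINKCOUNT - [0:0]
[9000:720000] -A PREROUTING -j LINKCOUNT
[1000:80000] -A LINKCOUNT -i eth1 -j RETURN
[700:56000] -A LINKCOUNT -i eth2 -j RETURN
COMMIT
EOF
    sed -e 's/\[1000:80000\]/[1850:148000]/' "$d/prev" > "$d/cur"
    stalled_links "$d/prev" "$d/cur"
    rm -rf "$d"
}

demo
```

An idle but healthy link also shows a zero delta, so a counter check like this only indicates that no packets arrived during the interval.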