From: Simon Matthews <simon@paxonet.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Iptables, SNAT/MASQ, Multiple gateways
Date: Mon, 30 Sep 2002 19:24:58 +0000 [thread overview]
Message-ID: <marc-lartc-103341402109343@msgid-missing> (raw)
In-Reply-To: <marc-lartc-103332395202631@msgid-missing>
On Mon, 30 Sep 2002, Don Cohen wrote:
> Simon Matthews writes:
> > OK, this may be a reasonable approach, but how do I force it initiate
> > connections from the "fast" interface, yet allow it to fail over to the
> > slow interface if the sytem removes the route to the fast gateway because
> > it has detected that it is not responding?
>
> Off hand I don't know anything built in for this (I look forward to
> hearing an answer from someone who does), but I don't think this is
> really what you want anyway. It's not as if your link is the only one
> that could fail!
Don, there are some kernel patches (already installed on my system) that
support dead gateway detection and static routes. "Static" means that the
routes are not forgotten when the system removes an interface because the
gateway is not working.
But the problem remains: how to handle this in iptables MASQ/SNAT
commands? One can postulate that if the interface is removed because the
gateway is dead, then the MASQ command will use the source related to the
other gateway.
However, the question now is: how to force the system to use the source
address related to the "fast" gateway under normal operation while
allowing a failover to the the slow gateway?
Simon
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2002-09-30 19:24 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-09-29 18:24 [LARTC] Iptables, SNAT/MASQ, Multiple gateways Simon Matthews
2002-09-29 22:45 ` José Luis Domingo López
2002-09-30 5:18 ` Don Cohen
2002-09-30 7:06 ` Simon Matthews
2002-09-30 15:55 ` Don Cohen
2002-09-30 17:05 ` Michael T. Babcock
2002-09-30 18:11 ` Jose Luis Domingo Lopez
2002-09-30 19:23 ` Julian Anastasov
2002-09-30 19:24 ` Simon Matthews [this message]
2002-09-30 19:26 ` Simon Matthews
2002-09-30 19:41 ` Greg Scott
2002-10-01 4:12 ` William L. Thomson Jr.
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103341402109343@msgid-missing \
--to=simon@paxonet.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.