All of lore.kernel.org
 help / color / mirror / Atom feed
* [LARTC] Secure / Redundant router configuration
@ 2003-02-10 15:12 John Cushnie
  2003-02-10 15:27 ` Matthew Crocker
  0 siblings, 1 reply; 2+ messages in thread
From: John Cushnie @ 2003-02-10 15:12 UTC (permalink / raw)
  To: lartc

Hi all,

Has anyone configued a Linux Router in a secure / redundant
configuration ?
By this I mean a dual (or more) boxen router, using multiple multiple 
connections on both sides of the router, so that if hardware failures 
strike the impact on the users is minimised.

In particular, I'm interested how load sharing can be configured for 
when all the hardware is working, ie normal state.

Also anyone used LARTC to set up a 'mesh' type configuration for sharing

Internet connections with a wireless based network.
I am interested in how several internet connections can be connected 
to a wireless mesh using LARTC.

We are looking to implement this in our local 'remote' community. 
The Internet feeds will be from 10MB wireless bridges located in 
several locations (local schools) several miles apart. 
Wireless bridges and access points will then be used to distribute 
the Internet connectivity over a radius of several miles.
LARTC may then be used top provide a level of QoS to all users 
(approx 2000 house in total) of the network using bandwidth 
sharing/allocation and queuing based on IP address and traffic.
Anyone done anything similar and willing to share experiences ?

Any pointers/suggestions please ? 

Many thanks.
John Cushnie

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [LARTC] Secure / Redundant router configuration
  2003-02-10 15:12 [LARTC] Secure / Redundant router configuration John Cushnie
@ 2003-02-10 15:27 ` Matthew Crocker
  0 siblings, 0 replies; 2+ messages in thread
From: Matthew Crocker @ 2003-02-10 15:27 UTC (permalink / raw)
  To: lartc

On Mon, 2003-02-10 at 10:12, John Cushnie wrote:
> Hi all,
> 
> Has anyone configued a Linux Router in a secure / redundant
> configuration ?
> By this I mean a dual (or more) boxen router, using multiple multiple 
> connections on both sides of the router, so that if hardware failures 
> strike the impact on the users is minimised.
> 

I use keepalived (keepalived.sourceforge.net) to handle the fail over of
my two Linux NAT routers.  keepalived supports VRRP and will fail over a
virtual address to the other machines.  My working machines use the
virtual address as their default gateway.

Another solution is to install OSPF on everything and let the working
machines decide which route to take based on dynamic routing (OSPF).

Here is how we do it

Two Cisco routers handle our upstream bandwidth with BGP4 to multiple
providers.  The cisco routers use HSRP to fail over their Ethernet
ports.  The cisco routers also speak OSPF with my two linux
firewall/LVS/routers (using zebra) which handle inbound load balancing
and outbound NAT of my working machines.  Working machines are setup
with a virtual IP address for default gateway which is only active on
one Linux firewall at a time (using keepalived)

-Matt
> In particular, I'm interested how load sharing can be configured for 
> when all the hardware is working, ie normal state.
> 
> Also anyone used LARTC to set up a 'mesh' type configuration for sharing
> 
> Internet connections with a wireless based network.
> I am interested in how several internet connections can be connected 
> to a wireless mesh using LARTC.
> 
> We are looking to implement this in our local 'remote' community. 
> The Internet feeds will be from 10MB wireless bridges located in 
> several locations (local schools) several miles apart. 
> Wireless bridges and access points will then be used to distribute 
> the Internet connectivity over a radius of several miles.
> LARTC may then be used top provide a level of QoS to all users 
> (approx 2000 house in total) of the network using bandwidth 
> sharing/allocation and queuing based on IP address and traffic.
> Anyone done anything similar and willing to share experiences ?
> 
> Any pointers/suggestions please ? 
> 
> Many thanks.
> John Cushnie
> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-- 
Matthew S. Crocker
Crocker Communications, Inc.  / Vice President
PO BOX 710
Greenfield, MA 01302-0710

Voice: 413-746-2760
Fax: 413-746-3704
Web: http://www.crocker.com
E-mail: matthew@crocker.com
GPG Public Key: www.keyserver.net


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2003-02-10 15:27 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-02-10 15:12 [LARTC] Secure / Redundant router configuration John Cushnie
2003-02-10 15:27 ` Matthew Crocker

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.