LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   isp failover (https://www.linuxquestions.org/questions/linux-networking-3/isp-failover-522629/)

zealott 01-25-2007 03:49 AM
isp failover
 
Hi,

I have two domains: example.com and example.net and two internet lines.
I would like to have example.com and example.net point on the same apache server (as .net is redundancy line)

example.com points to 86.221.6.96
example.net points to 194.213.2.98

The setup looks something like this:
IPCOP RED=86.221.6.96->IPCOP DMZ=192.168.42.1->APACHE LAN=192.168.42.2

This works, but I would like to add the second line (194.213.2.98). Since it has an internal router (adsl), I configured it to 192.168.42.5 and connected it to the LAN switch (bypassing IPcop for testing) forwardet TCP80 to 192.168.42.2 and expected example.net to work, but it doesn't.

Using tcpdump I can see that the packets from 194.213.2.98 arrive at 192.168.42.2, but the packets don't find their way back.

Any ideas?

JimBass 01-26-2007 01:25 PM
Of course it doesn't. What you are trying to do would require 2 gateways on the 192.168.42 network, 192.168.42.1 for the 86.221.6.96 connection, and 192.168.42.5 for the 194.213.2.98 connection.

The way you have it at present, the traffic makes the server, then it tries to reply to 192.168.42.1, which sends it out the 86.221.6.96 interface, not where it should be!

You cannot do failover connections without a router/proxy. They do make multiple "in" routers, but they are costly, as you are fairly out of the home networking line of products at that point.

You could set up dual NICs on the server, one for each network, but that isn't failover, if the connection.com went down, it wouldn't fall over to the connection.net interface.

You can also search for posts about using the squid proxy for multiple feeds.

Also, you'd need to change the DNS for both zones, so it round-robins the IPs of both connections.

Peace,
JimBass

zealott 01-27-2007 12:46 PM
thanks for the answer.
Is it possible to use SNAT to figure out what interface it should send the packets to?

Just to clarify the issue; I would like to have two inbound connections, just in case one of the ISP fail. For instance, if the .com domain don't work, they try the .net domain.

Flow example:

user types blah.com, gets directed to 86.xx.xx.xx and to 192.168.42.2 (apache eth0), traffic is sent out 192.168.42.1 interface

üser types blah.net, gets directed to 194.xx.xx.xx.xx and to 192.168.42.6 (apache eth0 alias), traffic is sent out 192.168.42.5 interface

Is it possible to use SNAT to do this?

Cheers :)

JimBass 01-27-2007 01:18 PM
I don't think so. According to this page, you can use snat to specify a range of addresses to go out, but it doesn't mention using it as you want to. You can certainly research it and try.

http://iptables-tutorial.frozentux.n...tml#SNATTARGET

There are also heavy-duty pieces of hardware called load balancers which can do this. They are very costly, (like new luxury car prices), and are more the kind of things used in server farms, not a single server sitting at your home/business.

Peace,
JimBass


All times are GMT -5. The time now is 04:28 AM.