LinuxQuestions.org
Slackware This Forum is for the discussion of Slackware Linux.
Old 11-29-2017, 01:20 PM   #16
mralk3
Slackware Contributor
 
Registered: May 2015
Distribution: Slackware
Posts: 1,900


Quote:
Originally Posted by abga View Post
If you're looking for routers to substitute your two systems, OpenWRT (LEDE) might be a good/advanced enough/flexible/reliable alternative loaded on some cheap off-the-shelf Wireless Access Points; they have plenty of docs / forum support / multi WAN guides:
https://wiki.openwrt.org/doc/uci/multiwan
https://wiki.openwrt.org/doc/howto/mwan3
https://wiki.openwrt.org/doc/recipes/high-availability
I would also like to point out that DD-WRT, Tomato, or your preferred Linux distro are all options as well.

I recently replaced my off-the-shelf router with a Raspberry Pi 3 running CentOS (I suppose you could do it with Slackware too, but I want SELinux and auditd). While I do not have a multi WAN link, I think it wouldn't take much more effort to replicate. The Rpi3 has a built-in Ethernet NIC limited to 100Mbps, so I disabled that and used two 1Gbps USB to Ethernet NICs for the WAN and the wired LAN. The built-in wireless NIC has a very weak range, so I disabled/replaced that with a better USB WiFi dongle. This could also be done using a Rpi2, but the Rpi3 has better processing power. The house is wired with Cat6E and connected to the Pi using a few cheap TrendNET switches.

The router cost me around $60 to create because I already owned the network switches. I have 14 devices, between WiFi and wired, 4 of which are Samsung smart televisions. Every night we stream Netflix from all TVs at once, along with a torrent box and several other devices browsing the web. We eat up quite a bit of bandwidth without issue. I have been quite happy with this setup and thought I would share the possibility.

Last edited by mralk3; 11-29-2017 at 01:21 PM.
 
Old 11-29-2017, 03:01 PM   #17
abga
Senior Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 1,634

@mfoley
You're welcome!

Richard Cranium's suggestion added another NAT and DHCP server in your network, a third redundancy if you will. You could take the two switches out and rename the "New Router" to Host C, and you'd have a copy of Host A or B, only with the public IP 100.100.0.7 and the private IP 192.168.0.1, a private IP which is also the gateway for the private LAN hosts connected to it, i.e. the ones that got their configuration from the DHCP server running on the New Router.
You haven't mentioned the need for port forwarding until now, only high availability. I'm afraid that this is complicating your setup a little bit, since you use 3 (originally 2) DHCP servers and 3 (originally 2) different gateways for your LAN, all this under static routing and no VRRP (at least).
https://en.wikipedia.org/wiki/Vrrp
You should have control (based on MAC) over which of these DHCP servers provides the host 192.168.0.58 with its IP configuration, just to make sure that it uses the LAN gateway from host A (192.168.0.2), where you defined your port forwarding.
I don't have your whole firewall rule set, but you should be aware that you are expecting new connections on Host A's 100.100.0.5 port 1453 (with a listening service on 192.168.0.58:9595) and you need to allow them to get in and get DNAT-ed.
Code:
# A DNAT-ed packet is forwarded, not delivered locally, so this INPUT rule is not what lets the forward through
iptables -A INPUT -i eth0 -m state --state NEW -p tcp --dport 1453 -j ACCEPT
# FORWARD sees the packet after the nat PREROUTING rewrite: match the translated port 9595, not the public 1453
iptables -A FORWARD -p tcp -d 192.168.0.58 --dport 9595 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1453 -j DNAT --to-destination 192.168.0.58:9595
If you want to always be able to connect to your public Host A's 100.100.0.5:1234 from outside, then your easiest option is to run a DNS server on your own and do the "public" failover through DNS; use my suggested setup with the third NIC card.
EDIT>
Use your port forwarding DNAT rule on host A together with another DNAT for the time this host has no connectivity to the Modem and fails over on host B:
Code:
iptables -A INPUT -i eth2 -m state --state NEW -p tcp --dport 1453 -j ACCEPT
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 1453 -j DNAT --to-destination 192.168.0.58:9595
Then on host B add:
Code:
# As on host A: the INPUT rule is not what allows the forwarded traffic
iptables -A INPUT -i eth0 -m state --state NEW -p tcp --dport 1453 -j ACCEPT
# FORWARD runs after DNAT, so match the translated destination 10.0.0.2:9595
iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 9595 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1453 -j DNAT --to-destination 10.0.0.2:9595
Finally, define and use a public hostname (your own registered domain name) for covering/switching your public IPs and accessing your service on port 1453 from outside. But then again, you only have one link with the same gateway connected to your only ISP, there's no redundancy there. Try getting a second contract with a second ISP if you want to have true redundancy and your service/setup is that important.
Additionally, if you want to access the service on 192.168.0.58:9595 that badly, you shouldn't have put it on the LAN (private network) under NAT in the first place; I regard this as a conceptual problem.

You see, this is getting a little bit beyond Slackware and more into firewalling and advanced routing; you definitely need to master these for your not-so-simple-anymore setup.

Last edited by abga; 11-29-2017 at 05:17 PM. Reason: bad formatting + 2 typo + conceptual mistake - EDIT> section
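
An added example, not code from the thread: a small POSIX sh script that emits the same kind of DNAT port-forward as an iptables-restore fragment that can be reviewed before loading, and checks the one mistake that is easy to make here (a FORWARD rule matching the public port instead of the translated one). It uses the thread's values (eth0, public 1453 to 192.168.0.58:9595); the ESTABLISHED,RELATED rule and the check function are this script's own assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Builds the rules for one DNAT port
# forward in iptables-restore format; nothing here touches the running
# firewall. Values used below are the thread's; the ESTABLISHED,RELATED
# return-path rule and check_rules are this script's own additions.

# forward_port WAN_IF PUBLIC_PORT LAN_IP LAN_PORT  -> prints the rules
forward_port() {
    wan_if=$1 pub_port=$2 lan_ip=$3 lan_port=$4
    # nat/PREROUTING runs before the routing decision: this is where the
    # public port is rewritten to the LAN host and its real service port.
    printf '%s\n' '*nat'
    printf '%s\n' "-A PREROUTING -i $wan_if -p tcp --dport $pub_port -j DNAT --to-destination $lan_ip:$lan_port"
    printf '%s\n' 'COMMIT'
    # filter/FORWARD sees the packet AFTER the rewrite, so it must match the
    # translated destination ($lan_ip:$lan_port), never the public port.
    # Limiting it to the WAN interface and NEW connections keeps the opening
    # to this one service; replies are covered by ESTABLISHED,RELATED.
    # INPUT is not involved: a DNAT-ed packet is forwarded, not delivered locally.
    printf '%s\n' '*filter'
    printf '%s\n' '-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT'
    printf '%s\n' "-A FORWARD -i $wan_if -p tcp -d $lan_ip --dport $lan_port -m state --state NEW -j ACCEPT"
    printf '%s\n' 'COMMIT'
}

# check_rules RULES PUBLIC_PORT -> succeeds only if no FORWARD rule still
# refers to the public port (with a DROP policy on FORWARD that rule would
# never match and the forwarded traffic would silently be dropped).
check_rules() {
    ! printf '%s\n' "$1" | grep -E -q -- "^-A FORWARD .*--dport $2( |$)"
}

# Review the output, then load it on top of the existing rules with:
#   forward_port eth0 1453 192.168.0.58 9595 | iptables-restore -n
rules=$(forward_port eth0 1453 192.168.0.58 9595)
printf '%s\n' "$rules"
check_rules "$rules" 1453 && printf '%s\n' '# ok: FORWARD matches the translated port only'
```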
 
Old 11-29-2017, 03:15 PM   #18
abga
Senior Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 1,634

@mralk3
Quote:
The Rpi3 has a built-in Ethernet NIC limited to 100Mbps, so I disabled that and used two 1Gbps USB to Ethernet NICs for the WAN and the wired LAN.
I'm also using a Rpi2 (the Rpi3 is just overheating and throttling too much, especially on VPNs) to substitute OpenWRT for some more advanced stuff (VPN included, since OpenWRT & co have their packages really crippled by the need to fit in a 4-8MB Flash and low RAM system) and running Slackware on it. The 100Mbps NIC speed is an issue, but an external Gigabit NIC will also get bottlenecked by the limited USB 2.0 bandwidth, so I'm using multiple 100Mbit NICs and I'm fine with them.

Last edited by abga; 11-29-2017 at 03:53 PM. Reason: typo
 
1 members found this post helpful.
Old 11-29-2017, 11:01 PM   #19
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,858

Quote:
Originally Posted by abga View Post
Richard Cranium's suggestion added another NAT and DHCP server in your network, a third redundancy if you will.
That's not what I gleaned from his network description nor was it what I thought I had described.

In my diagram, he has one and only one NAT and perhaps DHCP server and that would be "New Router".

Host A and Host B have fixed IP addresses on the cable modem side. My goal was to not use Host A and Host B as gateways at all for the rest of the LAN, since they appeared to have other functions that could interfere with their secondary jobs as being gateways to the outside world. With that in mind, those two servers should not be providing NAT and DHCP services to anyone else.

While I did not mention it, I would not have configured Host A and Host B to obtain their routing from the "New Router" DHCP server. I viewed the LAN side interfaces for those servers as a way for servers within the LAN to access those two servers versus being the primary route for those servers to contact the rest of the world.

I will admit that moves the nearest single point of failure from Host A to "New Router". As you mentioned, his ISP is the next single point of failure and your comments about that are absolutely on point.

I'll also agree that the OP's setup is not simple and that there are perhaps better ways to provide the services he needs to be exposed to the outside world than the manipulation of iptables rules.

And, as you stated, this is less of a Slackware issue than a networking one.
 
1 members found this post helpful.
Old 11-30-2017, 09:36 AM   #20
abga
Senior Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 1,634

@Richard Cranium

My short and only sentence referring to your advice was to help the OP understand how his actual setup works and to help him understand why his port forwarding is not doing what he expected: the packets from his LAN host 192.168.0.58 might not reach host A after all.
I do appreciate your input in trying to help at the time I was still trying to understand the actual setup and what was sought to be achieved, i.e. define the problem. The OP specifically mentioned a "New Router" and you provided an answer for that.

On the DHCP part, in the post #7 the OP mentions the use of DHCP:
Quote:
Then, in 100.100.0.5's dhcpd.conf I point the routers to 192.168.0.1.
And then again in post #15 after trying your suggestion:
Quote:
I tried Richard Cranium's suggestion using what he called "New Router" with a LAN IP of 192.168.0.1. I configured the "routers" setting in Host A's dhcpd.conf to be 192.168.0.1, restarted dhcpd, and /renew'd all workstation network connections. This almost totally worked. All workstations got the gateway address of 192.168.0.1 and all were still able to connect to the Internet.
I've used the adjective pseudo for both the actual setup and the desired solution from the very beginning, because there is no full redundancy even on the LAN side, but only service availability. The connectivity redundancy is not guaranteed due to the fact that the hosts in the LAN only receive one gateway (out of the original 2) and if that gateway goes down then the hosts that were using it need to renew their IP configuration and use the second available gateway. You can do that through DHCP but you need to restart the LAN host (client) or manually renew the configuration. Another possible solution would be to manually define alternate IP configuration on the LAN hosts - even Windows supports that nowadays. However, none of these are serious redundancy approaches and VRRP should be used instead.

More on multiple gateways on LAN:
https://howdoesinternetwork.com/2014...eway-solutions

@mfoley
Again, this guide / inspiration should get your desired setup:
http://backreference.org/2013/04/03/...nd-keepalived/
On the WAN side, look for a second line with a different ISP in order to have true redundancy.

Alternatively, you can go the "dirty" way that I suggested in my post #14 and continued with the port forwarding in #17, but you'll need to take care of your LAN redundancy manually (define alternative IP configurations on your LAN hosts).
 
Old 11-30-2017, 10:56 PM   #21
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,858

I'm not irritated about it; my goals with my advice were to move any firewall work to a dedicated device which would do just that and leave the two servers with fixed addresses that were visible to the outside world to do whatever their jobs were and not provide gateway services as well.

As it turned out, one of those two hosts would still be forwarding work to an otherwise unknown server within the LAN; a small piece of the problem that would have been nice to know earlier.

I believe that you have a better grasp of how to handle complex networking issues than I do and will leave you to support the OP at whatever level you can tolerate. (I'll probably go back and re-read your comments to the OP to glean any nuggets of information that I can use for later.)

Thank you for the information you've provided in this thread!
 
Tags
iptables, routing