@mfoley
You're welcome!
Richard Cranium's suggestion added another NAT and DHCP server in your network, a third redundancy if you will. You could get the two switches out and rename the "New Router" to Host C and you'll have a copy of Host A or B, only with the public IP 100.100.0.7 and the private IP 192.168.0.1, a private IP which is also the gateway for the private LAN hosts connected to it; those are the ones that got their configuration from the DHCP server running on the New Router.
You haven't mentioned the need for port forwarding until now but only high availability. I'm afraid that this is complicating your setup a little bit since you use 3 (originally 2) DHCP servers and 3 different gateways (originally 2) for your LAN, all this under static routing and no (at least) VRRP.
https://en.wikipedia.org/wiki/Vrrp
You should have control (based on MAC) over which of these DHCP servers will provide the host 192.168.0.58 with its IP configuration just to make sure that it uses the LAN gateway from host A (192.168.0.2) where you defined your port forwarding.
I don't have your whole firewall rule set but you should be aware that you are expecting new connections on Host A's 100.100.0.5 port 1453 (have a listening service on 192.168.0.58:9595) and you need to allow them to get in and get DNAT-ed.
Code:
iptables -A INPUT -i eth0 -m state --state NEW -p tcp --dport 1453 -j ACCEPT
# FORWARD is evaluated after the PREROUTING DNAT, so it must match the translated port (9595)
iptables -A FORWARD -p tcp -d 192.168.0.58 --dport 9595 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1453 -j DNAT --to-destination 192.168.0.58:9595
If you want to always be able to connect to your public Host A's 100.100.0.5:1234 from outside then your easiest option is to run a DNS server on your own and do the "public" failover through DNS; use my suggested setup with the third NIC card.
EDIT>
Use your port forwarding DNAT rule on host A together with another DNAT for the time this host has no connectivity to the Modem and fails over on host B:
Code:
iptables -A INPUT -i eth2 -m state --state NEW -p tcp --dport 1453 -j ACCEPT
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 1453 -j DNAT --to-destination 192.168.0.58:9595
Then on host B add:
Code:
iptables -A INPUT -i eth0 -m state --state NEW -p tcp --dport 1453 -j ACCEPT
# FORWARD is evaluated after the PREROUTING DNAT, so it must match the translated port (9595)
iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 9595 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1453 -j DNAT --to-destination 10.0.0.2:9595
Finally, define and use a public hostname (your own registered domain name) for covering/switching your public IPs and accessing your service on port 1453 from outside. But then again, you only have one link with the same gateway connected to your only ISP, there's no redundancy there. Try getting a second contract with a second ISP if you want to have true redundancy and your service/setup is that important.
Additionally, if you want to access the service on 192.168.0.58:9595 that bad, you shouldn't have got it on LAN (private network) under NAT in the first place, I regard this as a conceptual problem.
You see, this is getting a little bit over Slackware and more into Firewalling and Advanced Routing, you definitely need to master these for your not-that-simple-anymore setup.
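The port forward discussed in the post above, as an added example that is not part of the original post: a small generator that prints the DNAT rule together with FORWARD rules matching the translated port, so the same pattern can be reviewed for host A and host B before being applied. The function name `portfwd_rules` is hypothetical; the example assumes a default-drop FORWARD policy, and it narrows the FORWARD rule to the incoming interface and uses the `conntrack` match instead of `state`.

```shell
#!/bin/sh
# Added example (not from the post): print, but do not apply, the iptables
# rules for one TCP port forward.
# Usage: portfwd_rules WAN_IF PUBLIC_PORT DEST_IP DEST_PORT
portfwd_rules() {
    wan_if=$1 pub_port=$2 dst_ip=$3 dst_port=$4

    # Reject arguments containing characters that do not belong in an
    # interface name, a port or an IPv4 address, so the printed lines
    # are safe to review and then run in a root shell.
    case $wan_if in ''|*[!A-Za-z0-9_.-]*) echo "bad interface" >&2; return 1;; esac
    for p in "$pub_port" "$dst_port"; do
        case $p in ''|*[!0-9]*) echo "bad port: $p" >&2; return 1;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 1; }
    done
    case $dst_ip in ''|*[!0-9.]*) echo "bad address" >&2; return 1;; esac

    # nat/PREROUTING runs first and rewrites destination address and port.
    echo "iptables -t nat -A PREROUTING -i $wan_if -p tcp --dport $pub_port -j DNAT --to-destination $dst_ip:$dst_port"
    # filter/FORWARD sees the packet after DNAT: match the translated port.
    echo "iptables -A FORWARD -i $wan_if -p tcp -d $dst_ip --dport $dst_port -m conntrack --ctstate NEW -j ACCEPT"
    # Replies and later packets of connections that were already accepted.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Host A, with the interface, ports and address quoted in the post.
portfwd_rules eth0 1453 192.168.0.58 9595
```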