[LARTC] Re: gateway failover with linux

Grant Taylor gtaylor at riverviewtech.net
Sun Jul 22 20:23:31 CEST 2007


On 7/20/2007 9:03 PM, Mohan Sundaram wrote:
> I think my point was misunderstood. Let us say each of these Linux 
> boxes is connected to a WAN link each. If the WAN gateway/link of a 
> box goes down, vrrp must flag itself down or as secondary. Some 
> similarity to our earlier discussions on redundant gateways. This 
> feature of object tracking is available in CISCO (their patent) but 
> only tracks the interface status and not the gateway reachability. 
> I'd love to have a feature where gateway reachability is tracked.

Each firewall / router / gateway having its own independent wan / 
internet connection makes things a bit different.  First of all, each 
will have its own public IP address for the associated WAN link and as 
such probably have its own NAT configuration.

I wonder, what type of WAN connection are these?  Could both be hooked 
up to both gateways?  In other words are they ethernet or something that 
gets bridged to ethernet or are they some sort of legacy WAN link, i.e. 
T1, Frame Relay, ATM?  If you could connect the WAN links to both 
systems, you can have even more functionality and you would be back to 
what I was originally thinking except for the fact that instead of one 
WAN connection, you have two to make each router aware of.

At the very least, I think you will need to make each router aware of 
the other one.  This way, if a router's (primary) WAN link is not usable 
it can route the traffic over to the other router and have it route the 
traffic out to the world.  Thus each router would have a primary default 
gateway of the router at the other end of its WAN link *AND* a secondary 
default gateway of the other router that it is connected to.

I also think that you are very close to needing to use some sort of 
monitoring utility / daemon to check the status of the WAN link *AND* to 
make the other router aware of the status.  This may be easily done with 
a small daemon to monitor the link and update the local routing table in 
conjunction with a routing protocol between the two routers to keep each 
aware of the other's routing table.

If you have any more information on Cisco's technology I'd be interested 
in doing some reading about it if you would care to toss it my way.



Grant. . . .
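
The local half of the monitoring daemon described in the message above, as an added example that is not part of the original post: it probes the WAN gateway and swaps the default route between the primary (WAN) and secondary (peer router) gateways, with hysteresis so a single lost ping does not flap the route. All addresses, interface names and thresholds are constructed assumptions; telling the other router about the change (the routing-protocol part) is not covered.

```shell
#!/bin/sh
# Constructed sample values (assumptions, not taken from the post).
WAN_GW=192.0.2.1     # router at the far end of this box's WAN link
PEER_GW=10.0.0.2     # the other Linux router, reached over the shared LAN
WAN_IF=eth1
LAN_IF=eth0
FAIL_LIMIT=3         # consecutive failed probes before failing over
OK_LIMIT=5           # consecutive good probes before failing back

# next_state STATE STREAK PROBE -> prints "NEWSTATE NEWSTREAK"
# STATE is up|down, PROBE is ok|fail, STREAK counts consecutive probes
# that contradict STATE. Any probe that agrees with STATE resets it.
next_state() {
    state=$1 streak=$2 probe=$3
    if [ "$state" = up ] && [ "$probe" = fail ]; then
        streak=$((streak + 1))
        if [ "$streak" -ge "$FAIL_LIMIT" ]; then state=down; streak=0; fi
    elif [ "$state" = down ] && [ "$probe" = ok ]; then
        streak=$((streak + 1))
        if [ "$streak" -ge "$OK_LIMIT" ]; then state=up; streak=0; fi
    else
        streak=0
    fi
    echo "$state $streak"
}

# route_target STATE -> prints "GATEWAY DEVICE" for the default route
route_target() {
    if [ "$1" = up ]; then echo "$WAN_GW $WAN_IF"; else echo "$PEER_GW $LAN_IF"; fi
}

# probe_wan: one ICMP echo to the WAN gateway, forced out the WAN interface,
# so the check tests gateway reachability rather than only link status.
probe_wan() {
    if ping -c 1 -W 2 -I "$WAN_IF" "$WAN_GW" >/dev/null 2>&1
    then echo ok; else echo fail; fi
}

monitor() {
    state=up streak=0
    while :; do
        old=$state
        set -- $(next_state "$state" "$streak" "$(probe_wan)")
        state=$1 streak=$2
        if [ "$state" != "$old" ]; then
            set -- $(route_target "$state")
            ip route replace default via "$1" dev "$2"
        fi
        sleep 5
    done
}

# Start the loop only on request, so the functions can be sourced and tested.
if [ "${RUN_MONITOR:-}" = 1 ]; then monitor; fi
```

If both routers run this and both WAN links are down, each will point its default route at the other and packets will loop until their TTL expires, so the peer's state still has to be shared between them.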

