Date: Mon, 4 Mar 2002 18:29:22 +0000 From: Chip Wiegand <chip@wiegand.org> To: Edwin Groothuis <edwin@mavetju.org> Cc: d01f1n@yahoo.com, questions@freebsd.org Subject: Re: multiple defaultrouter Message-ID: <20020304182922.18df46ea.chip@wiegand.org> In-Reply-To: <20020304171534.H576@k7.mavetju.org> References: <20020304001952.PLTC8848.mta02-svc.ntlworld.com@there> <005301c1c32f$21a623a0$1e01a8c0@lc.ca.gov> <20020303214112.2e786336.chip@wiegand.org> <20020304171534.H576@k7.mavetju.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 4 Mar 2002 17:15:34 +1100 Edwin Groothuis <edwin@mavetju.org> wrote: > On Sun, Mar 03, 2002 at 09:41:12PM +0000, Chip Wiegand wrote: > > On Sun, 3 Mar 2002 19:46:11 -0800 > > "Drew Tomlinson" <drew@mykitchentable.net> wrote: > > > > > ----- Original Message ----- > > > From: "Mike D" <d01f1n@yahoo.com> > > > To: <questions@freebsd.org> > > > Sent: Sunday, March 03, 2002 4:19 PM > > > Subject: multiple defaultrouter > > > > > > > > > > I have a machine that sits in the dmz and needs to be use 2 > > > > firewalls as > > > > gateways as possible, otherwise one firewall does not not know > > > > what to do > > > > with traffic intended for the other one. > > > > > > > > Basically, how do i specify 2 "defaultrouter"s for 1 machine? > > > > > > I don't think this is possible. What exactly are you trying to > > > do? Can you include a diagram of your setup? > > > > > > Drew > > > > I'd be interested in the answer to this also. I know it's possible > > on a winNT box - to have two differant gateways. If it's possible on > > a winblows box, then it must be possible on a FreeBSD box, right? > > ;-) > > But what does it do then? > Does it send every other packet to the other gateway or is it saving > the second one in case the first one dies? In the case for one particular nt box at work - when connecting to a web site it tries the two gateways, gets through to the net on the first one and is happy. When it connects to our cross-country office via our vpn, it can't get there via the internet gateway, it tries the second gateway and gets through, it's happy again. (Our vpn is a dedicated dsl line between Seattle, WA and Dania Beach, FL) -- Chip > Honestly, the problem of this guy (two firewalls) is a problem in > the fact that his firewalls can't resume statefull sessions if one > dies. Big deal, this has always been a problem. What he should do > is make a firewall-pair which have one unique IP address (per server) > and one shared IP address. They have to monitor each other and the > standby one has to take over the moment the active one isn't working > anymore. The shared IP address is the one which is his default > gateway. > > Edwin > > -- > Edwin Groothuis | Personal website: > http://www.MavEtJu.org edwin@mavetju.org | Interested in > MUDs? Visit Fatal Dimensions:------------------+ > http://www.FatalDimensions.org/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020304182922.18df46ea.chip>