[ previous ] [ next ] [ threads ]
 From:  Travis Dixon <travisd at tubas dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] RE: serial interface support (external/internal POTS modems)
 Date:  Thu, 2 Dec 2004 17:53:11 -0500 (EST)
On Fri, 3 Dec 2004, Barry Mather wrote:

> As a slight side note, in about 8 locations I manage in the uk, I have
> vigor 2600 adsl routers running, they are adsl and isdn routers, they
> have a facility of when the dsl drops out, the isdn dials up, and
> maintains connectivity, even ipsec tunnels stay alive ! kind of
> important for running business critical applications, however, you need
> an isp that supports this dial backup method that'll give you the same
> routing and static ip on the dialup ... I use zen.co.uk for this. ...
> Might be worth someone taking a look at how they do it ...
> Having said that, in a few locations over here in OZ (where the isps
> don't support dial backup in this way) I am using efficient networks
> 5861 adsl / shdsl routers, the console port on them can be configured as
> a dial backup method, it works very well (tested in the uk) and the
> entire router runs on openbsd .... would be much easier to see how it
> does this ...

One thing though to keep in mind here is that those have the benefit of being
able to detect physical link state since they terminate the *dsl session directly.

The problem gets harder when you have another device in the way. It would see that
many people deply monowall via an ethernet connection to their [dsl|cable] modem. In
those cases, it's highly likely that even though those devices aren't pushing packets,
or the packets are getting lost on the far end, that the m0n0 interface will still
see things as being "up". I'd say that most dial-backup solutions out there currently
operate in a similar fashion - they rely on a link state and not a more vague "is it working
or not" to decide to dial and route via an alternate link.

Doing Dial-backup without relying on the physical interface would be a little more
difficult. My off-the-cuff idea would be to require the use of 3 or more "test" IP's
such as your upstream router, your ISP's web site, and maybe a 3rd party site. If
more than one of these are not responding, then bring up the dial-backup link. Make
the recovery time configurable -- if all 3 or 2/3 (or 4/5, etc) of the test sites
are stable, for a (configurable) 5 minutes, then switch back. Similar metrics such
as average ping time to the 3/5/etc sites could also be used to decide to go to backup.