|
||||||||
I only recommend this solution as a last resort as it will increase the complexity of your network, add additional equipment, reduce reliability, and increase the effort to maintain the system. Rather than adding another connection, I first recommend considering a larger one. If that is not possible, I recommend getting a router capable of true load balancing and connection failover. If all that is not possible, then go for this solution. First, you will need 2 m0n0wall systems with 3 interfaces. You will also need two switches for your internal network (or 1 w/ VLAN capabilities). The WAN port on each m0n0wall connects to one DSL modem. The LAN port of each m0n0wall connects to one of the two switches. Finally, the OPT1 port connects to the other m0n0wall via a crossover cable. Configure the WAN port for each m0n0wall with the public IP information. Configure m0n0wall 1, LAN 1 for one network (e.g. 192.168.1.0/24). Configure m0n0wall 2, LAN 2 for another network (e.g. 192.168.2.0/24). Configure the OPT1 interface on each m0n0wall for a third network (e.g. 192.168.3.0). Set up DHCP on each m0n0wall to hand out IP addresses for its LAN interface in the appropriate network address range. Finally, you'll need to add static routes in each m0n0wall to the other m0n0wall can find the network on the other segment and configure the proper firewall rules to permit access. I might be missing a significant detail someplace as I haven't tried this myself and I'm doing this off the top of my head. However, this is a basic sketch of what needs to be done. (K) -----Original Message----- From: kemal asad [mailto:kasadsyed at alicemail dot fr] Sent: Wednesday, September 01, 2004 5:26 PM To: Kevin Coleman Cc: m0n0wall at lists dot m0n0 dot ch Subject: Re: [m0n0wall] 2 adsl i like your low tech (segment ) solution. but i need a tutorial on how to do that specially the setup of the dhcp such as it give a different getaway to the subnet.something on subnet masks would be nice too.please if you have any leads send them to me please do thanks Kemal Le jeu 02/09/2004 ` 04:06, Kevin Coleman a icrit : > Another possible low-tech solution is to segment your network and set up > each segment to use a different gateway and different pipe to the Internet. > This doesn't provide dynamic balancing, but would give more effective > bandwidth and reduce contention on the internal network. You'd have to also > route between the segments which could reduce internal throughput to systems > across the segment boundary. > > (K) > ----- Original Message ----- > From: "Andrew J. Erickson" <aje at umn dot edu> > To: <m0n0wall at lists dot m0n0 dot ch> > Sent: Wednesday, September 01, 2004 6:06 PM > Subject: Re: [m0n0wall] 2 adsl > > > > This thread seems to discuss the problem. True connection load balancing > > seems to require expensive hardware and ISP support (for BGP or OSPF), but > > this might work... > > > > start: > > http://unix.derkeiler.com/Mailing-Lists/FreeBSD/isp/2004-05/0069.html > > possible solution: > > http://unix.derkeiler.com/Mailing-Lists/FreeBSD/isp/2004-05/0081.html > > > > Andy > > > > pmok at optushome dot com dot au wrote: > > > >> Sorry dude, m0n0wall does NOT have Load Balancing capability. It'll take > >> quite a while to implement and perfect this. It may or may not be a > >> feature > >> in the future, but not now. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > |