[ previous ] [ next ] [ threads ]
 
 From:  "Kevin Coleman" <kevin at gabu dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] 2 adsl
 Date:  Thu, 2 Sep 2004 08:07:50 -0700
I only recommend this solution as a last resort as it will increase the
complexity of your network, add additional equipment, reduce
reliability, and increase the effort to maintain the system.

Rather than adding another connection, I first recommend considering a
larger one. If that is not possible, I recommend getting a router
capable of true load balancing and connection failover. If all that is
not possible, then go for this solution.

First, you will need 2 m0n0wall systems with 3 interfaces. You will also
need two switches for your internal network (or 1 w/ VLAN capabilities).
The WAN port on each m0n0wall connects to one DSL modem. The LAN port of
each m0n0wall connects to one of the two switches. Finally, the OPT1
port connects to the other m0n0wall via a crossover cable.

Configure the WAN port for each m0n0wall with the public IP information.
Configure m0n0wall 1, LAN 1 for one network (e.g. 192.168.1.0/24).
Configure m0n0wall 2, LAN 2 for another network (e.g. 192.168.2.0/24).
Configure the OPT1 interface on each m0n0wall for a third network (e.g.
192.168.3.0).

Set up DHCP on each m0n0wall to hand out IP addresses for its LAN
interface in the appropriate network address range.

Finally, you'll need to add static routes in each m0n0wall to the other
m0n0wall can find the network on the other segment and configure the
proper firewall rules to permit access.

I might be missing a significant detail someplace as I haven't tried
this myself and I'm doing this off the top of my head. However, this is
a basic sketch of what needs to be done.

(K)

-----Original Message-----
From: kemal asad [mailto:kasadsyed at alicemail dot fr] 
Sent: Wednesday, September 01, 2004 5:26 PM
To: Kevin Coleman
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] 2 adsl

i like your low tech (segment ) solution. but i need a tutorial on how
to do that specially the setup of the dhcp such as it give a different
getaway to the  subnet.something on subnet masks would be nice
too.please if you have any leads send them to me please do
thanks
Kemal

Le jeu 02/09/2004 ` 04:06, Kevin Coleman a icrit :
> Another possible low-tech solution is to segment your network and set
up 
> each segment to use a different gateway and different pipe to the
Internet. 
> This doesn't provide dynamic balancing, but would give more effective 
> bandwidth and reduce contention on the internal network. You'd have to
also 
> route between the segments which could reduce internal throughput to
systems 
> across the segment boundary.
> 
> (K)
> ----- Original Message ----- 
> From: "Andrew J. Erickson" <aje at umn dot edu>
> To: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Wednesday, September 01, 2004 6:06 PM
> Subject: Re: [m0n0wall] 2 adsl
> 
> 
> > This thread seems to discuss the problem. True connection load
balancing 
> > seems to require expensive hardware and ISP support (for BGP or
OSPF), but 
> > this might work...
> >
> > start: 
> >
http://unix.derkeiler.com/Mailing-Lists/FreeBSD/isp/2004-05/0069.html
> > possible solution:
> >
http://unix.derkeiler.com/Mailing-Lists/FreeBSD/isp/2004-05/0081.html
> >
> > Andy
> >
> > pmok at optushome dot com dot au wrote:
> >
> >> Sorry dude, m0n0wall does NOT have Load Balancing capability. It'll
take
> >> quite a while to implement and perfect this. It may or may not be a

> >> feature
> >> in the future, but not now.
> >
> >
---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> > 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>