[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

2 connection fail-over and binat

I have a puzzle and I think I have confused myself trying to work it
The bit I think is relatively easy:
I have 2 totally independant ADSL connections. One is 2Mb/s burstable
to 4 and the other is 512kb/s. Those are the downlink speeds - the
point is they are way different is speed.
I want to ensure that the low speed link can be used if it is up and
the fast one is down and it seems like OpenBSD's ifstated will allow
link testing and could allow default route switching. That <seems> to
be possible.
Next. Email is the most important service. The server is currently
binatted to a LAN address so the fast link has access and the outbound
mail gets out too. The binat stuff is done by OpenBSD 3.8 pf.
If I binat an address on the slow link to the same LAN IP (or even
another one aliased on the server NIC) and advvertise the slow IP as a
secondary MX then it seems that mail will be able to arrive.
Where my mind blurs is in dealing with outbound mail when the fast link
is down. My guess is that the server will be bound to one IP for
outbound mail and it will not be easy to alter that.
If both links have a binat rule then mail arriving at the
firewall/router will be translated to the public IP and if that one is
on the failed link, we are stuck.
Can I do something with the ifstated stuff to re-route that outbound
traffic to the working link? Perhaps chnge the binat to point to an
address on slow link other than the one that does the secondary MX
Creative thinkers, where are you?
In the beginning was The Word
and The Word was Content-type: text/plain
The Word of Rod.
Do NOT CC me - I am subscribed to the list.
Replies to the sender address will fail except from the list-server.