On 10/10/2012 04:32 AM, Steve Clark wrote:
Thanks for the response. We have 450 units in the field and have only needed to do this at one site. I am using a userspace script to monitor the viability of each isp and changing the routing accordingly as described in the LARTC document. Our units in the field use CentOS so we don't want to use a custom kernel outside of what CentOS provides. That's why I am reluctant to use the patches at
No patches are required to use the configuration that is generated by Shorewall. If you're not extremely experienced with iptables and 'ip rule', you're a lot better off using something like Shorewall to generate your configurations. As I previously suggested, you should at least generate working configurations with shorewall and then reviewing them to learn *why* they work before attempting to do multi-isp setups by hand. You will save yourself a lot of trouble that way.