Butting into the thread ;-) I am using CenOS on my machines, with an IPcop Internet Gateway, only one public IP and Web/Mail/DNS Servers in DMZ (private C Class) as well as Lan. Overall am bit satisfied with it...low maintainence, except for some manual tinkering or addons for outbound connections. BUT failover on WAN side seems to be becoming a requirement. Have been asked to device a shoe-string (and a small string at that) strategy to mix DSLs, lowspeed leased line (they are expensive here in India) and a DVB VSAT connection (DirecPC) in future. Issue with DSLs is that the gateway has to be capable of handling Dynamic IPs as well as Static IPs, in addition to private IPs allocated by the ISP (they do transparent proxy/NAT). Wan Failover is to be handled. One idea I was thinking of was a commodity Switch in front of (WAN interface) the IPcop box and some fancy IProute2/Nexthop footwork. Second was to find an opensource distro that did WAN failover unlike IPcop...so am exploring the leads from this thread. I will be implementing Snort with database backend to analyse security aspects and maybe even script some blocking/IPS features/opensource projects including the layer 7 firewalling. So basically, I am planning to go with open source setup, as I feel that the kind of setup I want, I will have to sell my soul (even the devil does not seem to want it!!) or my Company to buy a commercial product. Request please advise if someone can point me to an open source/GPL project that can either add WAN failover/load-sharing/load-balancing & port based traffic partitioning capabilities to some firewall distro or minimal centos install for creating a Firewall gateway. Pointers to literature/resources/projects on various issues mentioned above will be appreciated. With best regards. Sanjay.