[CentOS] Two Internet connections...

Wed Mar 26 20:35:36 UTC 2008
Ross S. W. Walker <rwalker at medallion.com>

Frank Cox wrote:
> On Wed, 26 Mar 2008 13:08:58 -0700
> Timothy Selivanow <timothy.selivanow at virtualxistenz.com> wrote:
> > The only way that you would be able to use them is a semi-load-balancing
> > formation.  What I mean by "semi" is that all traffic that exits one
> > interface will always return to that one.  Also, an entire transaction
> > will go over only one of the lines, meaning you will only get the
> > throughput of one line at a time.
> That's pretty much what I had in mind.
> I'm thinking that this sort of setup can't be too uncommon in "big" small
> business networks.  An office with 600 networked computers won't be sucking on
> one measly DSL line, but they might be using ten at a total cost that's less
> than a high-capacity dedicated connection.


If you had 2 Internet firewalls each with their own default route, each
doing NAT. On each of these firewalls you had a squid process running
proxying requests and chaining requests from one squid to the other
depending either on, request content, firewall load or Internet
availability. Then you would have some resemblence of un-bonded
load balanced Internet connections.

You could run a Xen box with 2 domUs each a firewall with squid and
ran another squid process in dom0 that would chain to the best of
the others on that box. You could even do some fancy routing with
gated where you would have a primary default route and a backup
default route advertised to dom0 and if the connectivity on any
of the domUs goes down, have it stop advertising it's default
route. Then have dom0 advertise itself as the default route on
the local LAN.


This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.