News: This forum is now permanently frozen.
Pages: [1]
Topic: DHCP to give second backup gateway address  (Read 6125 times)
« on: September 15, 2008, 15:19:18 »
knightmb ****
Posts: 341

Maybe not a typical DHCP setting, but I have a network that has two DSL modems, one for main use and the other for backup.

Network setup looks like

DSL -> m0n0wall -> Switch -> Workstations & Extra DSL Modem

Basically, m0n0wall is 192.168.0.1 and does DHCP for the whole network.  The second DSL modem uses a static 192.168.0.254 address and already does NAT, DNS, etc. all by itself.

It's easy enough to add a second gateway to the workstation, but multiply that by hundreds and it's no longer as fun.

My question is, can I have DHCP assign two gateways during the discovery process by the workstations so it gets 192.168.0.1 of m0n0wall and 192.168.0.254 of the backup gateway in case the ISP link to m0n0wall goes down for any reason?

Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com
« Reply #1 on: September 15, 2008, 21:30:59 »
ChainSaw
Guest

if your clients are Windows based, I think you will find that option doesn't work all that well.  first off if the primary internet connection goes down, the client won't switch to the second  gateway unless you disconnect or power off you primary router/firewall.  even then the client keep tyring to use the primary first only to have it fail and then it switches to the secondary.  it does this over and over again.  there might be a fix for all this but so far I haven't found one.

CS...
« Reply #2 on: September 17, 2008, 06:21:01 »
knightmb ****
Posts: 341

Windows XP/2000 will after about 5 seconds of no connection (at which point they stick with the second gateway for a little while). I'm not sure about Windows Vista, but being based off of the 2000/XP line my guess the behavior would be the same.

I've done it for networks in which no down time is acceptable (bank, office, etc.) Basically, you just have a second internet gateway sitting out there, not being used until the primary goes down. Any OS (be if Windows, Linux, or Mac) all support this very well. Not sure how well Winblows 95/98/ME does, never tested it for that.

I know it works, I'm just curious if m0n0wall has a way to send out that info via DHCP so I don't have to manually configure hundreds of workstations (all which vary from Windows to Mac to Linux). Any info would be greatly appreciated.

Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com
« Reply #3 on: September 17, 2008, 10:01:56 »
ChainSaw
Guest

Well I haven't tried Dead Gateway Detection in a while but last time I did I had the problems I mentioned.  Guess I need to give it another try.

CS...
« Reply #4 on: September 17, 2008, 14:50:30 »
knightmb ****
Posts: 341

It's not the best way to do a backup internet link, but when you have limited resources....   Wink

I know it would be better if I just used a router that supported two wan links with load balancing, but I would like to stay with m0n0wall if I can. The next question I know will be asked "what about DNS" which if the first one goes down how will the workstations resolve addresses.

The second gateway can also do DNS, so m0n0wall has it's IP as the 3rd DNS address, the first two being from the primary ISP DNS. The workstations just work down the list until they hit the 3rd one that works. I know, another 6 second delay until the workstation figures out which DNS is actually working.   Grin

It's not the fastest or probably best way to do a backup ISP, but it works "when no one is around" until the tech guy can come out and troubleshoot what is wrong with the primary ISP link. For the ones who need Internet all the time, slower access is much better than no access at all.


I've been reading up on Free BSD forums and I know it's possible, just not sure if this requires a simple hack in m0n0wall or if this would be a complete custom build.

Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com
« Reply #5 on: September 17, 2008, 20:32:31 »
ChainSaw
Guest

for DNS I always use 208.67.222.222 and 208.67.220.220 (open dns).  I have had zero problems with them and they are much more reliable than my ISP's DNS servers.

CS...
« Reply #6 on: September 17, 2008, 21:30:10 »
knightmb ****
Posts: 341

That's true, those should work through either gateway, good idea.  I'm still stuck at having DHCP do a double gateway assignment though. Anyone have any ideas about the best way to get m0n0wall to do this?  Huh

Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines