load-balancing failover - incorrect function implementation?


#1

Hi everyone!
I came here from the official forum (now a subscription is needed to start a new topic on vyatta.org? For me it is very disappointing…)

Recently I tried to deploy WAN failover…
To start, I set up a very basic router (config: int, dhcpd, nat).
Connection diagram (included file vyatta_golas)
In this config everything works fine.

When I check the route from a PC to the Exchange server (connected directly to a public address near the ISP gateway), I received this trace:

Trace to 85.194.204.8:

1 <1 ms <1 ms <1 ms 192.168.1.1
2 <1 ms <1 ms <1 ms 87.204.194.8

Completed

But when I set up load-balancing failover, I have a lot of problems…
Of course, failover works very well… The problem is in another place.
Please look at my second image (incl. failover diagram).
load-balancing configuration:

[quote]
load-balancing {
    wan {
        interface-health eth0 {
            failure-count 2
            nexthop 85.194.204.1
            success-count 1
            test 10 {
                resp-time 2
                target 4.2.2.1
                ttl-limit 1
                type ping
            }
            test 20 {
                resp-time 2
                target 4.2.2.2
                ttl-limit 1
                type ping
            }
        }
        interface-health eth1 {
            failure-count 2
            nexthop 192.168.2.254
            success-count 1
            test 10 {
                resp-time 2
                target 4.2.2.1
                ttl-limit 1
                type ping
            }
            test 20 {
                resp-time 2
                target 4.2.2.2
                ttl-limit 1
                type ping
            }
        }
        rule 10 {
            failover
            inbound-interface eth2
            interface eth0 {
                weight 10
            }
            interface eth1 {
                weight 1
            }
            protocol all
        }
    }
}
[/quote]
protocols configuration:

[quote]
static {
    route 4.2.2.1/32 {
        next-hop 87.204.194.1 {
        }
    }
    route 4.2.2.2/32 {
        next-hop 192.168.2.254 {
        }
    }
}
[/quote]

My problem is between the servers in the DMZ (Exchange, SSH servers) and the LAN PCs. With the load-balancing failover idea, I understand that I need to set up the nexthop parameter (this is the gateway for the internet connection), but now when I trace the route to 85.194.204.8 I received:
1 <1 ms <1 ms <1 ms 192.168.1.1
2 1 ms <1 ms <1 ms 87.204.194.1
3 <1 ms <1 ms <1 ms 87.204.194.8

This is not logical because the packet must go to the ISP router and after that back to the DMZ switch… That’s no problem for me, it’s only one hop, but… Now I have a lot of problems with connections to the DMZ zone:
Outlook clients keep displaying the information: disconnect / connect - users cannot send mails but they receive messages…
The same problem occurs with the connection to the SSH server. I can log in to the server, but after 3-5 sec I get the message: connection abort.

I tried to add an additional static route, but without result…
Maybe I must configure a routing protocol?

Thanks for the reply
Regards
Jacek