[kwlug-disc] Multiple gateways on one subnet
paul_nijjar at yahoo.ca
Fri May 22 11:20:01 EDT 2009

I think this e-mail might be even less coherent than my last question,
but here goes:

We are in the process of setting up two Internet connections for the
organization. To our network this looks like two gateways -- one at
our 43 Queen building and one at 58 Queen. As any of you who have
attended KWLUG meetings know, there is a crummy wireless link that
joins the buildings. Each connection has an IPCop box joining it.

The machines are all supposed to be on the same subnet, and I really
don't want to split them up at this point.

One goal is to use the 43Q gateway as a backup for the 58Q one.
I sort of have that working by specifying multiple gateways when I
hand out DHCP addresses. I don't think this is an ideal solution -- my
preference would be to have the IPCop route to each other when their
internet connection goes down -- but the solution I have is Good
Enough for now.

Another goal is to have the clients at 43Q use the 43Q internet as
their primary gateway, and to have the clients at 58Q use the 58Q
internet. I don't know how to get this working nicely:

- A different server hands out IP addresses via DHCP. Maybe if I
  fiddle enough I could set up different server pools with different
  default gateways, but then I have to go around hardcoding MAC
  addresses to distinguish 43Q computers from 58Q ones. It can be
  done, but it is brittle.

- I could block DHCP packets from flowing across the wireless link,
  and then put a separate DHCP server (with non-overlapping address
  ranges) on each side. The problem is that I don't really know of a
  good way to do this filtering. The wireless boxes do not come in
  with built-in firewalls so I can block the DHCP ports.

  I could maybe put another computer or device behind one of the
  wireless devices, but I don't know how to do this without changing
  the subnet (since all the firewall devices I know of are routers).
  This also adds another point of failure to the system.

These are the ideas I have so far. Is there another solution I am
missing? If you were in my situation what would you do?

I know that if I was cool I would be asking about load balancing and
stuff, but really I don't care. At this point I would be happy with
simple transparent failover and the ability for my client computers to
use the network connection that is on their side of the street.