[ale] Routing and failovers

Alex Carver agcarver+ale at acarver.net
Thu Jul 9 10:25:11 EDT 2015


On 2015-07-09 06:59, Derek Atkins wrote:
> Hi,
> 
> Alex Carver <agcarver+ale at acarver.net> writes:
> 
>> Anyone have experience setting up dual WANs for failover (my guess is
>> there's a couple of you or I wouldn't really email the list ;) ).
>>
>> I'm thinking about putting in a cellular modem at home to act as a
>> secondary/backup WAN link for critical functions (alert emails, security
>> system access) in case the primary WAN (DSL) drops.  I don't want
>> traffic going over that link unless the DSL is dead so this is a true
>> failover rather than a load balance (or I suppose it's a load balance
>> with a ratio of infinity weighted towards the DSL).
>>
>> My first thought was to use something like a Ubiquiti EdgeRouter Lite
>> (maybe need to go to the EdgeRouter 8, not sure) with two WANs
>> configured and then the NAT and public assignments behind the third
>> port.  It appears EdgeOS can do two WANs but it's not clear from what
>> I've been able to dig up so I wanted to find out if there are
>> other/better options or suggestions.
> 
> If you've got a routable network you could set up tunnels on both sides
> and use something like BGP to choose which link to use.
> 
> However if you're just using NAT and trying to decide "hey, my main link
> is down, let me switch over to using NAT over the other link", then I'm
> afraid I don't know a good way to do that.  You probably don't want to
> have this automated, because all your existing connections will break if
> that happens.

Yeah, that's my problem, I have routable and NATed networks (I have a
static /29 and I use one for a NAT).  I'm ok with having the connections
drop briefly because the critical functions will all reestablish
connections or are waiting for incoming connections.  The hard part is
trying to figure out how to set a system up that can potentially have
two different public IPs (one from the DSL modem and one from the
cellular modem) and still be able to NAT to the same internal endpoints.
For example, right now the OpenWRT router has one public IP and most
things are hanging off the NAT side.  But I'd somehow need to make that
transparent in the event of an IP change during a failover.


