Re: [tlug] WAN fail-over configuration in Linux-based router

On Thu, 5 Nov 2009 22:25:15 +0900
Jianshi Huang <> wrote:

> Could somebody tell me what's the best way to achieve WAN fail-over
> (backup) in a Linux-based router, e.g. openwrt or Vyatta open
> networking.
> Since full fail-over also needs support from the ISP side, any established
> connection can be allowed to be dropped if one line drops. New
> connections would be routed to the backup line.

If you want true, real fail over, you need more than one ISP.

I'll outline here what you approximately need. But please be
aware that I'm not an expert in this field.

You will need multiple, independent connections to your location.
Independent here means that each connection goes to a different ISP,
with different upstream providers (this is important, as a lot of smaller
ISPs will happily sell you connectivity, but won't tell you that they
are nothing more than a reseller of a bigger ISP, and hence you'll have
introduced this upstream ISP as a single point of failure).

Because you'll need to be reachable from different ISPs over different
routes, you'll need an AS (autonomous system) number and a PI (provider
independent) IP block. Both are not easy to get, i.e. you have to have
good arguments why you need an AS and a PI block, what you want to do
with them and why it doesn't work otherwise (the reason is that the AS
space is nearly exhausted and those who manage border gateways do not like
small IP ranges in their routing table, where small equals anything smaller
than a /19).

Now that you have the connectivity, you need two routers that can talk
BGP so that you can announce that you are up and online and where you can
be reached from. It has to be two routers, because you want redundancy here.

Of course, if you just need a backup internet connection
in case your ADSL line drops, that's a completely different matter ;-)


