From: Fraser Campbell (fraser_at_starnix.com)
Date: Sat Jan 11 2003 - 05:48:48 CET
Hi,
I have a situation where we have dual-homed Freeswan firewalls. The extra
link is simply for redundancy but since both links are very reliable we'd
like to try to utilize both for improved performance.
I'd hoped this could be implemented by bringing up identical tunnels with the
left and right endpoints adjusted so that they're bound to the alternate
connection on the ipsec1 interace, the current tunnel would remain on ipsec0.
We would then do something like this:
ip route add 192.168.1.0/24 nexthop dev ipsec0 weight 2 \
nexthop dev ipsec1 weight 1
When I try to bring up the extra tunnels I get this:
Jan 10 22:35:25 XXXXX Pluto[21173]: "DC-NY-DMZ" #5: cannot route -- \
route already in use for "DCT1-NYT1-Subnets"
I'm using an older Freeswan (1.91) any chance that this will work in a newer
version? Perhaps I'm just crazy thinking that I can put an identical route
on two different interfaces (with or without Freeswan).
Thanks for any assistance,
-- Fraser Campbell <fraser_at_starnix.com> Starnix Inc. Telephone: (905) 771-0017 ext. 223 Thornhill, Ontario, Canada http://www.starnix.com/ Professional Linux Services & Products _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Wed Jan 15 2003 - 20:11:38 CET