May 27, 2010 at 8:13 am #42412
Hi, I’m new to ZeroShell, and very happy with it. Great product.
I have 2 different internet providers which are load balanced and one Lan interface. Each internet connection has an ADSL modem and firewall, and is exposing private IP addresses to ZeroShell.
Eth00 – External Internet 1 (Private subnet #1)
Eth01 – External Internet 2 (Private subnet #2)
Eth02 – Internal Lan (Private subnet #3)
Eth00 and Eth01 are NAT’ted together and the Internal Lan can access the internet, and connections are weighted 50:50 as expected (weighing is “1” on both external interfaces)
My question is….
Is it possible to set up ZeroShell to Load Balance according to available bandwidth on Eth00 and Eth01? If I’m download a big file on and Eth00 and this is using (say) 1.5Mbit/sec, can I configure ZeroShell to send all other internet requests to Eth01 until Eth01 is also using more than 1.5Mbit/sec, at which time new requests are sent to Eth00 again… and so on?
I’m try to avoid sending requests to an Internet connection that is already swamped.
Many thanksMay 27, 2010 at 8:31 am #50346
Regarding the original question I should have added:
The internal Lan (Eth02) connects to a Juniper Firewall, so the devices within the Lan are not visible to ZeroShell. All that ZeroShell see’s is the “Untrust” interface on the Juniper. All of the Lan devices are on the Juniper “Trust” interfaces.
Internet Provider #1 Internet Provider #2
| IP#1 | |IP #2 |
Any ideas?May 27, 2010 at 8:56 am #50347
Now I’m just embarrassing myself. Here’s the diagram:
Apologies for taking 3 posts to get this right!May 27, 2010 at 9:07 am #50348
First of all you can edit your posts to add or correct some info.
Secondly I think that the only way to load balance so accurately is on;y by creating a BOND of 2 vpn tunnels to a server on the internet with enough bandwidth. This will be your gateway and the BOND interface will load balance on packet level now, instead of connection level at load balancer.June 1, 2010 at 9:29 am #50349
Thank you for your ideas and comments. Unfortuneately I cannot use an external Internet Server to bond with, although I can see how it would solve this issue.
For now I have created some manual rules for the primary network traffic, and tried to split the rules to each interface.
I’ll keep looking for a solution based on load. Thank you for your help.
You must be logged in to reply to this topic.