[KLUG Members] Dual internet connection devices?

[Mike Williams]

>
> From:
> Adam bultman <adamb at glaven.org>
>
>
>Greetings.
>
>I've been tasked with assisting a customer figure out their internet
>connection for a new product they have purchased.
>
>The purchase of a product means that their data and work isn't done
>in-house anymore, but via the internet.
>
>They currently have a verizon DSL connection which isn't the most solid,
>so they've been thinking of getting comcast cable as their 'second'
>connection. Both would have static IP addresses.
>
>Currently, they use a windows box to provide firewalling and NAT, but
>the version they have (ISA is what the guy kept saying) doesn't handle
>two different connections.
>  
>
If this is a SOHO operation, he likely means ICS, Internet Connection 
Sharing?  There's also a server product that used to be called Proxy 
Server that has evolved into something with a name similar to IAS.  I've 
never worked with it, though.

>My initial response would be 'cisco', except that this guy is a
>Microsoft guy and might not be the most comfortable with fiddling with
>configs, or waiting for me or another admin to call up and walk him
>through things.
>  
>
Good call on both counts.  Cisco gear is excellent, but it's not trivial 
to learn.

>Are there easy, hardware-style products that'll help with this?  He
>mentioned ZyWall, which will do both dual internet connections and VPN
>(which is required - he will have a VPN to us).
>
>Any suggestions, stories, or anecdotes?
>
>Adam
>
>  
>
My firewall / NAT router is an old 500Mhz SuSE 9.3 box with 2 NICs.  If 
you need to do 2 redundant Internet connections, drop a third card in it 
or (less likely to work) connect both modems through a small hub.  The 
YAST firewall configuration module is excellent, although you might have 
to edit a config file to do fancy stuff.  It's very well documented, 
though, to the point that even a Windows guy could figure it out!  I've 
never tried this, but if you set the routing to use both of the Internet 
connections with different metrics, shouldn't the machine use the lower 
one but fail over to the secondary if the first one goes down?  Make 
sure that the DSL and cable "modem" of the primary is just a modem not a 
NAT router, though, as that would complicate things.