dual ISP firewall cluster in linux

Question

For the past couple of weeks i have been trying to figure out how to make firewall cluster, each having different ISP.

I have found few guides on how to do it with one ISP using technologies like keepalived and conntrackd. For example this one.

Is there a way to use keepalived for ISP failover? For example if ISP1 goes down the backup firewall takes over with ISP2? And if not what are the other options?

If there are any questions I'm happy to answer.

score 1 · Answer 1 · answered May 09 '20 at 09:48

1

put the two ISPs on the same firewall/cluster. play with route priority to define the main and backup ISP. when an ISP goes down, the route is removed and the remaining ISP is used.

puting ISPs on separate instances complexify the failover.

answered May 09 '20 at 09:48

exeral

1,787
11
21

dual ISP firewall cluster in linux

1 Answers1