D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: yabbax on January 28, 2010, 11:48:48 PM

Title: 2 * SMTP In with 2 WAN Connections with DFL1600
Post by: yabbax on January 28, 2010, 11:48:48 PM: Hi,

i would install redundant incoming Mail. I have two dsl lines. one via cable and one via telephone.
My aim is having alway incoming mailtraffic, even if one line is broken.

i have two mx record with same priority for my domain.

Is that scenario possible with the dfl1600?

Second idea: is it possible to set the dfl, that all outgoing traffic- for example http traffic- is split for the two WAN lines?

regards
thomas
Title: Re: 2 * SMTP In with 2 WAN Connections with DFL1600
Post by: Fatman on January 29, 2010, 07:53:26 AM: Use firmware 2.26.00.

Ensure your default routes have route monitoring enabled and that route monitoring works.

Use a routing rule that allows incoming traffic on WAN2 to use a secondary routing table where WAN2 is the primary gateway as it's return table.

Use IP rules that would SAT and Allow traffic from both IPs to the mail server.

You can use the route load balancing as of 2.26.00 to split your traffic across WANs, I recommend sticky destination.

Use IP rules that allow outbound traffic out both WANs.
Title: Re: 2 * SMTP In with 2 WAN Connections with DFL1600
Post by: yabbax on February 05, 2010, 12:49:09 AM: @fatman
thanks for your reply.
in the meantime i updated my dfl to firmware 2.26 and i tried to implement 2 SMTP_IN on 2 WAN Ports.
simultaneous i implemented a wan failover.

Now, my routing table looks like this:
Quote
main
# type interface network gateway loc.IP Metric Monitor
1 route wan1 all-nets wan1_gateway 80 yes
2 route wan2 all-nets wan2_gateway 90 yes
3 route wan1 wan1net 100 no
4 route wan2 wan2net 100 no
5 route lan1 lan1net 100 no

and

Quote
wan2
# type interface network gateway loc.IP Metric Monitor
1 route wan2 all-nets wan2_gateway 50 no
2 route wan2 wan2net 50 no

and

Quote
ip-rules
# name action so. interface s.network dest. interface dest. network service
1 smtp_in sat any all-nets core wan1_ip smtp_in
2 smtp_to_lan1 allow any all-nets core wan1_ip smtp_in

Quote
ip-rules
# name action so. interface s.network dest. interface dest. network service
1 smtp_in sat any all-nets core wan2_ip smtp_in
2 smtp_to_lan1 allow any all-nets core wan2_ip smtp_in

Quote
routing rules
name: wan2_routing
forward: main
return tbale: wan2
services: all-services

source interface: wan2
source network: all-nets
destination interface: core
destination network: wan2_ip

is that correct (wan failover and smtp_in is working, but perhaps you have a better or other configuration)?

second idea was route load balancing. i looked at the manual but i didn't find something about that.
what have i to do to get it working?

i don't understand what to do.
is the only thing to do, implementing a route balance instance? do i need another routing table or are the aboves one correct?
which algorithm is the best and how are they working?

thanks in advance.
Title: Re: 2 * SMTP In with 2 WAN Connections with DFL1600
Post by: Fatman on February 05, 2010, 09:14:59 AM: I would change the metric of the default routes to be higher than the rest of your routes, and I would make them both the same metric.

route balancing requires that you have 2 routes for the same destination (in this case all nets) at the same metric.

After that it is just a matter of making an instance and watching it go. As far as types, just use sticky dest.