Again two ADSL lines, routing problems

Andrea Venturoli ml at
Thu Jul 12 10:53:21 UTC 2007

I have a setup where a FreeBSD box is connected to two ADSL routers: 
default gateway is set to the first and, in case of failure, is moved to 
the other one. This works perfectly for outgoing connections: in the 
event of the switch, I'll have to reconnect, but that's acceptable.

The problem is in the incoming connections: if I get one on the "backup" 
router, this will reach the server, which will however answer through 
its "default" router. Thus the remote client will see packets coming 
back from a different host and things won't work.
Just to be clear, the packets travel as follows (with source and dest IP 
in brackets):
Client (x.x.x.x) -> Backup router (y.y.y.y)
Backup router (x.x.x.x) -> Server (z.z.z.z)
Server (z.z.z.z) -> Default router (x.x.x.x)
Default router (v.v.v.v) -> Client (x.x.x.x)

So the client (x.x.x.x) connects to y.y.y.y (the backup ADSL public IP), 
but gets answers from v.v.v.v (the master ADSL public IP).

AFAIK there is no solution to this, but I thought I'd ask before giving 
my official opinion to my customer.
Perhaps there's some sort of hack we could use, that through 
ipfw/natd/other diverting daemon/whatever delivers answers based on the 
MAC address of the incoming connections (if the MAC address belongs to 
the backup router, use that for answers)... does anyone know?
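
The packet path described in the message above, modelled as an added example (not part of the original post): it compares replying via the default route with replying via the router that delivered the request. The addresses are constructed documentation values standing in for x.x.x.x, y.y.y.y, z.z.z.z and v.v.v.v, and NatRouter and simulate are hypothetical names.

```python
from dataclasses import dataclass, field

# Constructed documentation addresses standing in for the post's placeholders.
CLIENT = "198.51.100.7"       # x.x.x.x
BACKUP_PUB = "203.0.113.20"   # y.y.y.y
SERVER = "192.168.1.10"       # z.z.z.z
DEFAULT_PUB = "203.0.113.10"  # v.v.v.v


@dataclass
class NatRouter:
    public_ip: str
    flows: set = field(default_factory=set)  # (client_ip, client_port, server_port)

    def forward_in(self, src, sport, dport):
        """WAN -> LAN port forward: destination becomes the server, source is kept."""
        self.flows.add((src, sport, dport))
        return {"src": src, "sport": sport, "dst": SERVER, "dport": dport, "ingress": self}

    def forward_out(self, pkt):
        """LAN -> WAN: the source always leaves as this router's public IP."""
        known = (pkt["dst"], pkt["dport"], pkt["sport"]) in self.flows
        return {**pkt, "src": self.public_ip}, known


def simulate(reply_via_ingress, sport=40000, dport=80):
    """Return (source IP the client sees, router knew the flow, client accepts)."""
    default, backup = NatRouter(DEFAULT_PUB), NatRouter(BACKUP_PUB)
    # The client connects to the backup line's public address.
    request = backup.forward_in(CLIENT, sport, dport)
    reply = {"src": SERVER, "sport": dport, "dst": CLIENT, "dport": sport}
    # Policy under test: the default route, or the router the request arrived
    # from (which the server can only tell apart by the frame's source MAC).
    router = request["ingress"] if reply_via_ingress else default
    on_wire, known = router.forward_out(reply)
    # The client's TCP stack matches replies against the address it dialled.
    accepted = (on_wire["src"], on_wire["sport"]) == (BACKUP_PUB, dport)
    return on_wire["src"], known, accepted


if __name__ == "__main__":
    for policy in (False, True):
        print("reply via ingress router:", policy, "->", simulate(policy))
```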

