I have an ER8 setup (1.8.5rc1)
- 1 LAN on eth0, with a number of machines using the ER8 for internet access, and some servers.
- 5 WANs on eth1, eth2, eth3, eth4, eth6 in load balancing mode connected to (mostly VDSL) modem/routers.
The modem/routers have distinct gateways and non-overlapping subnets. The ER8 is their DMZ, allowing selected ingoing traffic from the internet to reach designated servers on the LAN. The load balancing is basic: a single group, using "sticky" to solve the problem that some servers do not like to see multiple IPs for a session. That works solidly.
I need to temporarily, without a reboot, make multiple exceptions to the load-balance policy, so that (TCP) connections initiated by a certain LAN machine (identifiable by IPv4) use a certain modem/router (that's in order to match the access policy of some server where the external IPv4 of that modem/router is whitelisted). I do not care what happens if that modem/router goes down. I need to have several (up to 4) such exceptional rules active at a certain time.
How do I do that? I hesitate to use a firewall rule modifying the lb-group, because that requires creating extra load-balance groups with a single modem/router in each, and I previously had issues with 3 load-balance groups (admittedly complex: each had a significant subset of my modem/routers).