I've just checked this setup and it works as expected. Of course instead
of 0.0.0.0 one should put the host ip address assigned to the particular
userid.
Yet there's a small problem. We have remote LANs connected via leased
lines to a portmaster. These LANs also have dialin logins configured
in radius so they are able to use dialup backup if leased line fails.
Leased line ports are configured for hardwired connection - there's no
need to authenticate a connection in this case. Hence no radius entries.
Hence need to put in a static route on this particular portmaster.
Now if the leased line fails and they dial into a *different*
portmaster everything's ok except that the first portmaster keeps
the old (now invalid) route and the remote LAN is not accessible
from it and all the networks connected to it. If they dial into
the first portmaster everything's ok. We can't guarantee they
dial into always though.
There are are workarounds for this problem:
- have them to authentificate via login/password even via leased line
(artificial and not viable in some cases)
- add the static route with a metric value guaranteed to be greater than
any RIP-derived route from all portmasters they can dial into.
The second workaround is viable in most cases but a very few ones.
But there exists a simple solution which requires a minor change
in the way ComOS manages the routing table.
Just extend the syntax of "add route" command to allow extra trailing
parameter. Coll it something like "override". If it is omitted
(the default, old behavior) process the route as it is processed now.
If it is specified allow *any* dynamic route to the same network
to override the static route no matter what the metrics are.
Many routers allow this, and 3Com's NetBuilderII has exactly this
"override" parameter.
-- Igor V. Semenyuk Internet: iga@sovam.com SOVAM Teleport Phone: +7 095 258 4170 Moscow, Russia Fax: +7 095 258 4133