From mboxrd@z Thu Jan 1 00:00:00 1970
From: Raúl Alexis Betancort Santana
Date: Thu, 12 Feb 2004 09:53:08 +0000
Subject: [LARTC] Multipath problems
Message-Id: <200402120953.08772.rabs@dimension-virtual.com>
To: lartc@vger.kernel.org

Hi all,

I'm getting a lot of problems with a multihomed Linux router.

I have 3 lines connected to my Linux box, with a 2.6.1 kernel with DgD patches, and I have set it up so that it does load balancing between the 3 lines, but I have a problem with sending specific traffic (mail) through only one of the lines. Let me put my config below ..

------- Multiroute.sh ---------
#!/bin/bash

# CONFIGURATION
IP=/sbin/ip
PING=/bin/ping

#--------------- LINK PART -----------------
# EXTIFn - interface name
# EXTIPn - outgoing IP
# EXTMn - netmask length (bits)
# EXTGWn - outgoing gateway
#-------------------------------------------

# LINK 1 ADSL ISP1
EXTIF1=eth1
EXTIP1=aaa.bbb.ccc.ddd
EXTM1=30
EXTGW1=aaa.bbb.ccc.eee

# LINK 2 ADSL ISP2
EXTIF2=eth1
EXTIP2=bbb.ccc.ddd.eee
EXTM2=26
EXTGW2=bbb.ccc.ddd.fff

# LINK 3 Cable ISP3
EXTIF3=eth1
EXTIP3=ccc.ddd.eee.fff
EXTM3=30
EXTGW3=ccc.ddd.eee.ggg

#ROUTING PART
# removing old rules and routes
echo "removing old rules"
${IP} rule del prio 50 table main
${IP} rule del prio 201 from ${EXTIP1}/${EXTM1} table 201
${IP} rule del prio 202 from ${EXTIP2}/${EXTM2} table 202
${IP} rule del prio 203 from ${EXTIP3}/${EXTM3} table 203
${IP} rule del prio 221 table 221

echo "flushing tables"
${IP} route flush table 201
${IP} route flush table 202
${IP} route flush table 203
${IP} route flush table 221

echo "removing tables"
${IP} route del table 201
${IP} route del table 202
${IP} route del table 203
${IP} route del table 221

# setting new rules
echo "Setting new routing rules"

# main table w/o default gateway here
${IP} rule add prio 50 table main
${IP} route del default table main

# identified routes here
${IP} rule add prio 201 from ${EXTIP1}/${EXTM1} table 201
${IP} rule add prio 202 from ${EXTIP2}/${EXTM2} table 202
${IP} rule add prio 203 from ${EXTIP3}/${EXTM3} table 203

${IP} route add default via ${EXTGW1} dev ${EXTIF1} src ${EXTIP1} proto static table 201
${IP} route append prohibit default table 201 metric 1 proto static

${IP} route add default via ${EXTGW2} dev ${EXTIF2} src ${EXTIP2} proto static table 202
${IP} route append prohibit default table 202 metric 1 proto static

${IP} route add default via ${EXTGW3} dev ${EXTIF3} src ${EXTIP3} proto static table 203
${IP} route append prohibit default table 203 metric 1 proto static

# multipath
${IP} rule add prio 221 table 221

${IP} route add default table 221 proto static \
    nexthop via ${EXTGW3} dev ${EXTIF3} weight 1 \
    nexthop via ${EXTGW2} dev ${EXTIF2} weight 100 \
    nexthop via ${EXTGW1} dev ${EXTIF1} weight 200

# Multipath for email traffic.
# (the table name mail.traffic has to be defined in /etc/iproute2/rt_tables)
${IP} route add default table mail.traffic proto static \
    nexthop via ${EXTGW1} dev ${EXTIF1} weight 1 \
    nexthop via ${EXTGW2} dev ${EXTIF2} weight 250 \
    nexthop via ${EXTGW3} dev ${EXTIF3} weight 100

${IP} rule add prio 230 fwmark 0x02 table mail.traffic

${IP} route flush cache
--------- Multiroute.sh ------------

Then I mark the packets coming from the LAN and going to Internet mail servers ...

iptables -A PREROUTING -t mangle -s ${LAN}/${LAN_MASK} \
    -d ! ${DMZ1}/${DMZ1_MASK} -p tcp --dport 25 -j MARK --set-mark 0x02
iptables -A PREROUTING -t mangle -s ${LAN}/${LAN_MASK} \
    -d ! ${DMZ1}/${DMZ1_MASK} -p tcp --dport 110 -j MARK --set-mark 0x02

The idea is that mail traffic going to the Internet tries to always go out by ISP1, but if it fails (that is why the weights are so different) by ISP2, and if that one fails too, tries to go out by ISP3, but in the real scenario mail traffic is going out by a random provider :( ... For the rest of the traffic, priorities should be reversed ... first ISP3, then ISP2 and finally ISP1, and that part is running more or less ... sometimes one connection goes out by ISP2 but that's not a big problem ..

Am I doing something wrong? Why is my mail.traffic table not working as it is supposed to?

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
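
Added example (not part of the original post): Linux consults policy rules in ascending priority and stops at the first table that returns a route, so this sketch scans `ip rule show` output for rules placed after an unconditional rule whose table holds a default route. The function name, the sample rule listing and its documentation addresses are constructed here from the script above, and the list of tables that hold a default route is an assumption passed in by the caller.

```shell
#!/bin/sh
# Added example: find policy-routing rules that can never be reached.
# Usage: ip rule show | shadowed_rules TABLE...
#   TABLE... = tables known to hold a default route (check each with
#   `ip route show table T`); the caller supplies this list.
shadowed_rules() {
    awk -v tables="$*" '
    BEGIN { n = split(tables, t, " "); for (i = 1; i <= n; i++) has_default[t[i]] = 1 }
    {
        prio = $1; sub(/:$/, "", prio)
        # Selector = every field between the priority and "lookup".
        sel = ""; table = ""
        for (i = 2; i <= NF; i++) {
            if ($i == "lookup") { table = $(i + 1); break }
            sel = sel (sel == "" ? "" : " ") $i
        }
        if (catchall != "") {
            printf "%s shadowed by %s (%s)\n", prio, catchall, sel
            next
        }
        # An unconditional rule whose table has a default route
        # resolves every packet that reaches it.
        if (sel == "from all" && (table in has_default)) catchall = prio
    }'
}

# Constructed `ip rule show` output modelled on the rules in the post;
# documentation prefixes stand in for the anonymised ISP addresses.
sample_rules() {
    cat <<'EOF'
0:	from all lookup local
50:	from all lookup main
201:	from 192.0.2.0/30 lookup 201
202:	from 198.51.100.0/26 lookup 202
203:	from 203.0.113.0/30 lookup 203
221:	from all lookup 221
230:	from all fwmark 0x2 lookup mail.traffic
32766:	from all lookup main
32767:	from all lookup default
EOF
}

# main has no default route after the script runs, so it is not listed.
sample_rules | shadowed_rules 201 202 203 221 mail.traffic
```

On the sample listing, the fwmark rule at priority 230 is reported as shadowed by the unconditional rule at priority 221; a listing with the fwmark rule at a lower priority number than the catch-all produces no report.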