Re: [LARTC] Starting from scratch w/ multiple uplinks

[Markus Feilner <lists@feilner-it.net>]

Am Montag, 9. Mai 2005 17:14 schrieb Rafael A Barrero:
> Hey;
>
> I guess I should have included that aspect : what I want to achieve.
>
> I'd ideally like to use the new (faster line) as the default line for
> traffic, but be able to use the old line just as often depending on
> usage of the new line. However, it wouldn't matter if traffic routed
> randomly either. If one of the two lines is down, obviously use the
> one that is up.
>
> I just want to get the most out of both lines at the same time. My
> internal network has two services (http, imap) that need require
> port- forwarding from the router. Other than that the internal
> network is used for surfing the web, ssh, ftp, irc, p2p cients.
>
> What about my questions regarding updated documentation for iproute2
> (setting this all up)?
>
> Thanks,
>
> --
> Rafael Barrero
> r.barrero@mediarete.it

Ciao Rafael!
Come stai?
First, port-based routing is pretty straightforward:
1) use a default route 
2) add firewall marks to packages you want to route differently
3) add another routing table with the other dsl router as default 
gateway
4) use the fw mark to "sort" packages in the other table, with the 
effect that they are routed via the other gateway.
(see the lartc howto)
that's all for that, we are using that and it works fine.

Second, controlling and switching the line is a little trickier:
As far as I know,
- linux-ha can't do the trick natively (PLEASE CORRECT ME! I STILL 
HOPE!)
- no software package exists for that purpose
Therefore a shell skript is required

In a issue of the german linux magazine was a skript which seems to be 
quit good for a similar purpose (two vpn tunnels via two dsl lines), 
and should be easily changed for that purpose.
Perhaps we should try together to make a skript-based deamon (init.d) 
which is configurable and does the testing and switching.

Third: 
Load balancing, Limiting and Priorizing is done with tc or tcng. tc's 
syntax is really tough (my opinion), tcng is better, but i haven't 
found the time for it.

Alora, ciao.

>
> On May 9, 2005, at 4:30 PM, Sylvain BERTRAND wrote:
> > On Lun 9 mai 2005 16:05, Rafael A Barrero a écrit :
> >> Hi guys;
> >>
> >> I'm sure you are all bored of hearing the same story over and
> >> over... but here it comes again. :) Yep, tomorrow I'm getting
> >> another ADSL line installed and I wanted my linux router to handle
> >> both providers (new and old). I have my linux router (fedora core
> >> 2) setup to do NAT for my current line, but I know I'll need to
> >> change my configuration to accommodate the second line.
> >>
> >> I have no problem with 'RTFM', but since I've started doing my
> >> homework, I've realized that things have changed and I guess this
> >> is the place to get the latest updates since most all sites out
> >> there still refer to old 2.2/2.4 kernels, workflow and tools.
> >>
> >> Ideally I'm looking for a guide I can follow to setup an linux
> >> router that will handle 2 uplinks and will do some minimal
> >> load-balancing (to start). Maybe a guide is too much, so if you
> >> have pointers, those are appreciated equally.
> >>
> >> Here's what I have to start:
> >>
> >> 1. Fedora Core 2 server with 3 ethernet cards
> >> 2. Documentation from: http://lartc.org/howto/
> >>
> >> What I know I need to do:
> >>
> >> 1. Need to recompile my kernel with all the advanced router
> >> modules 2. Follow steps in documentation (above) on iproute2
> >> 3. Configure iptables
> >>
> >> Here's my network topology:
> >>                                   |------------------|
> >>                                   |
> >>                                   |  INET 1          |<-------->
> >>
> >> Internet
> >>
> >> +------------------------------+-------|                        |
> >> +---------------------+                  |
> >> (eth0)   |          |------------------|
> >>
> >> |                              |                   |  Linux
> >>
> >> Router                |
> >>
> >> |   Local network  |
> >> |
> >> |                              | <---------> |
> >>
> >> (eth2)                              |
> >>
> >> |   192.168.0.x      |                  |
> >>
> >> (192.168.0.1)                |
> >>
> >> |                            (eth1)   |
> >> |--------------------|
> >>
> >> +---------------------+
> >> +------------------------------+------|   INET2             |
> >>
> >>                                 |                           |
<-------
> >>>
> >>> Internet
> >>>
> >>                                 |--------------------|
> >>
> >> Here's what I want to know:
> >> 1. Does an updated guide exist for multiple providers?
> >> 2. Kernel:
> >>   - What kernel modules do I need to install?
> >>   - Do I need to patch my kernel?
> >>   - Do I need to supply any configuration parameters for these
> >> kernel modules?
> >>   - Is my documentation up-to-date? If not, what's the diff and
> >> where can I get the latest? I heard I shouldn't use this
> >> documentation... 4. Anyone have sample scripts for iptables (NAT)
> >> for this type of setup?
> >> 5. How do I configure QoS? What's Wonder Shaper?
> >> 6. Am i missing anything?
> >>
> >> As long as I'm pointed in the right direction, with good
> >> documentation, I think I can make it. Of course, I'll probably
> >> need a little help, so thanks in advance!
> >>
> >> Cheers,
> >>
> >> --
> >> Rafael Barrero
> >> r.barrero@mediarete.it
> >
> > Hi Rafael,
> >
> > From my point of view, you don't need to enable advanced routing
> > options
> > in the kernel. You may want to enable QoS though, and use iproute.
> > The kernel setup is not the hard part. The hard part is routing the
> > traffic on one link or the other, according to your needs.
> > Have you already asked your self what you want to do with those
> > links? Load balancing? Some services on one interface and the
> > others on the second?
> > First, try to be sure you know what you wan't to do. Then, think
> > about a
> > way to split the traffic between interfaces.
> >
> > Regards,
> >
> > Sylvain
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

-- 
Mit freundlichen Grüßen
Markus Feilner
---------------------------
Feilner IT Linux & GIS 
Linux Solutions, Training, Seminare und Workshops - auch Inhouse
Beraiterweg 4 93047 Regensburg
fon +49 941 9465243 fax +49 941 9465244 mobil + +49 170 3027092 
mail mfeilner@feilner-it.net web http://www.feilner-it.net
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc