From: bert hubert <ahu@ds9a.nl>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Need information on multi-homing
Date: Sun, 03 Mar 2002 01:21:59 +0000
Message-ID: <marc-lartc-101511855812786@msgid-missing>
In-Reply-To: <marc-lartc-101511305202598@msgid-missing>

On Sat, Mar 02, 2002 at 03:49:49PM -0800, Bruce Perens wrote:
> Is there a multi-homing FAQ? I've not been able to find it.

No, but it is very high on my agenda. Multihoming and loadbalancing are
among the most popular subjects if I count by my inbox.

> Here's my system's configuration:
>
> eth0: SDSL at 216.15.108.186 (dnai-net)
> eth1: ADSL at 67.114.175.138 (sbc-net)
> eth2: DHCP network at 192.168.1.1 .
> lo: 127.0.0.1
>
> There is a firewall box acting as the DHCP server and router for the
> systems on the DHCP net. The Linux system doesn't run DHCP or
> masquerading.

So what IP address do packets have that come from the firewall box?

> If a connection is accepted on the IP address of one of these interfaces,
> I'd like its packets to go out on the same interface. If there is a failure
> on the path to eth0, connections to eth1 should continue to work, and vice
> versa. But right now, eth0 has the default route and just about every packet
> goes out of eth0 regardless of what interface they come in. So, I tried this:
>
> ip rule add from 216.15.108.186 table dnai-net
> ip rule add from 67.114.175.138 table sbc-net
> ip route add default via 216.15.108.186 dev eth0 table dnai-net
> ip route add default via 67.114.175.138 dev eth1 table sbc-net
>
> This doesn't work. I get a destination unreachable if I try to follow either
> route. So, what am I doing wrong?

You have no default route left for packets which came in over the firewall
box, which probably has a 192.168.1.x address? I think that is the number
one thing going wrong.

Now, as to what you want, you will need a way to separate connections to go
out over either eth0 or eth1 in a persistent way. This mostly means sending
out half your internal IP range over one interface and the other half over
the other.

This in turn implies SNAT or masquerading because you need to change the
source address - packets with the address of eth0 won't travel the net well
over eth1.

Regards,

bert hubert

--
http://www.PowerDNS.com Versatile DNS Software & Services
http://www.tk the dot in .tk
http://lartc.org Linux Advanced Routing & Traffic Control HOWTO
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
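
The split described in the reply above (half the internal range per uplink, with SNAT to the uplink's address), as an added example that is not part of the original message. Assumptions: the two gateway addresses are constructed placeholders, the internal range is taken to be 192.168.1.0/24 on eth2 and is cut into /25 halves, and the table names are already defined.

```shell
#!/bin/sh
# Added example: persistent split over two uplinks with SNAT (dry run by default).
# Constructed values: both gateway addresses, the 192.168.1.0/24 range, its /25 halves.
DRY_RUN=${DRY_RUN:-1}
GW_DNAI=${GW_DNAI:-192.0.2.1}      # placeholder for the SDSL next hop
GW_SBC=${GW_SBC:-198.51.100.1}     # placeholder for the ADSL next hop
LAN=192.168.1.0/24
LAN_DEV=eth2

run() {  # print the command in dry-run mode, execute it otherwise
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# uplink TABLE DEV ADDR GATEWAY LAN_HALF
uplink() {
    table=$1; dev=$2; addr=$3; gw=$4; half=$5
    # Keep the internal net reachable from inside the per-uplink table.
    run ip route add "$LAN" dev "$LAN_DEV" table "$table"
    # "via" names the ISP's next-hop router, not the interface's own address.
    run ip route add default via "$gw" dev "$dev" table "$table"
    # Traffic sourced from the uplink's own address leaves on that uplink.
    run ip rule add from "$addr" table "$table"
    # This half of the internal range always uses this uplink.
    run ip rule add from "$half" table "$table"
    # Rewrite the source so replies return over the same uplink.
    run iptables -t nat -A POSTROUTING -o "$dev" -s "$half" -j SNAT --to-source "$addr"
}

multihome() {
    uplink dnai-net eth0 216.15.108.186 "$GW_DNAI" 192.168.1.0/25
    uplink sbc-net eth1 67.114.175.138 "$GW_SBC" 192.168.1.128/25
    # Main-table default for any packet that no rule above selected.
    run ip route replace default via "$GW_DNAI" dev eth0
}

multihome
```

Setting DRY_RUN=0 applies the commands and needs root; the names dnai-net and sbc-net must be listed in /etc/iproute2/rt_tables.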