[LARTC] question re: dead gateway detection

[LARTC] question re: dead gateway detection

[Thomas Vander Stichele]

Hi,

I've followed the instructions in the nano document, and apart from my own 
ISP trouble, it seems to work fine.  I have a question about the dgd 
however.

The dgd works on the actual gateway, but in my experience it seems that 
most problems can be expected a few hops down the route, not on the 
gateway.  One of those two gateways is located here anyway, so if that 
goes down then chances are other stuff is wrong as well ;)

So my question is: is there some way that I can detect that the actual 
route to the net is unusable, even though the gateway is up ? If not, when 
either one of the lines is down, users will notice they're not getting a 
connection randomly, depending on what gateway is used for that 
connection.

Thomas

-- 

The Dave/Dina Project : future TV today ! - http://davedina.apestaart.org/
<-*-                      -*->
Lover fair
We'll be looking sharp I swear
I want them all to stop and stare
When we take'em down
<-*- thomas@apestaart.org -*->
URGent, the best radio on the Internet - 24/7 ! - http://urgent.rug.ac.be/

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] question re: dead gateway detection

[Vincent AE Scott]

Thomas Vander Stichele(thomas@urgent.rug.ac.be)@Wed, Mar 27, 2002 at 10:45:10AM +0100:
> Hi,
> 
> I've followed the instructions in the nano document, and apart from my own 
> ISP trouble, it seems to work fine.  I have a question about the dgd 
> however.
> 
> The dgd works on the actual gateway, but in my experience it seems that 
> most problems can be expected a few hops down the route, not on the 
> gateway.  One of those two gateways is located here anyway, so if that 
> goes down then chances are other stuff is wrong as well ;)
> 
> So my question is: is there some way that I can detect that the actual 
> route to the net is unusable, even though the gateway is up ? If not, when 
> either one of the lines is down, users will notice they're not getting a 
> connection randomly, depending on what gateway is used for that 
> connection.
> 
> Thomas

It sounds to me like you need something which is proactively monitoring
your network health/status.  The points in the network your referring
to, are not under your sirect control, so there's not a lot tc/ip can
directly do to solve your problem.

but with some clever scripting, you could attempt to detect a fault in
the network, and take appropriate action.  such as delete the faulty
route for all the clients that were using it, and forec them onto the
other route.   you'll still need to be able to test the dead route from
the box, such that you can activate again, once its working.

i hope i understood the problem correctly, and havent gone off on one.

-vince



-- 
PGP key:  http://codex.net/pgp/pgp.asc

 Computers make very fast, very accurate mistakes.

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] question re: dead gateway detection

[Thomas Vander Stichele]

> > So my question is: is there some way that I can detect that the actual 
> > route to the net is unusable, even though the gateway is up ? If not, when 
> > either one of the lines is down, users will notice they're not getting a 
> > connection randomly, depending on what gateway is used for that 
> > connection.
> > 
> > Thomas
> 
> It sounds to me like you need something which is proactively monitoring
> your network health/status.  The points in the network your referring
> to, are not under your sirect control, so there's not a lot tc/ip can
> directly do to solve your problem.
> 
> but with some clever scripting, you could attempt to detect a fault in
> the network, and take appropriate action.  such as delete the faulty
> route for all the clients that were using it, and forec them onto the
> other route.   you'll still need to be able to test the dead route from
> the box, such that you can activate again, once its working.
> 
> i hope i understood the problem correctly, and havent gone off on one.

No, you understood it correctly, and this is what I used to do.  However, 
i was looking for a better solution and the load balancing is, in a normal 
situation, better.  What I wanted to know was, how can I combine this 
scripting that checks for usable routes to the net with the current nano 
setup I'm using.  I would like for it to integrate cleanly, ie. not having 
to change routes on the fly each time, but instead maybe mark the  gateway 
as dead by hand, for example.

If it's not possible, I might as well just go back to the older setup 
without the load balancing, because in that case we just routed some of 
the traffic over one gateway and some of the other traffic over another, 
folding stuff back over the working line if one of the went down.

I just really like the cleanliness of the nano approach with julian's 
patches, and would like to add on that instead ;)

Thomas

 -- 

The Dave/Dina Project : future TV today ! - http://davedina.apestaart.org/
<-*-                      -*->
I have these hands teeming with love for you
But you're not here to touch
You said you'd wait but it's killing me
When I need something that much
<-*- thomas@apestaart.org -*->
URGent, the best radio on the Internet - 24/7 ! - http://urgent.rug.ac.be/

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

RE: [LARTC] question re: dead gateway detection

[Steele, Tom]

> > So my question is: is there some way that I can detect that the actual 
> > route to the net is unusable, even though the gateway is up ? If not,
when 
> > either one of the lines is down, users will notice they're not getting a

> > connection randomly, depending on what gateway is used for that 
> > connection.
> > 
> > Thomas

I would assume the rest of your network would be running some kind of route
monitoring protocol (OSPF, RIP, etc).  Could you not just run gated and
listen in?  That would be the easiest way IMO.  Lots of info on the subject,
google is your friend.  HTH.

******************
Tom Steele
Comm/Systems Engineer
Children's Hospital
Omaha, NE
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

RE: [LARTC] question re: dead gateway detection

[Thomas Vander Stichele]

Thanks for some of the hints.

> > > So my question is: is there some way that I can detect that the actual 
> > > route to the net is unusable, even though the gateway is up ? If not,
> when 
> > > either one of the lines is down, users will notice they're not getting a
> 
> > > connection randomly, depending on what gateway is used for that 
> > > connection.

However, my basic question hasn't been answered, and to put it simply : is 
there some way a user-space program can signify the dead gateway code to 
mark one of the gateways as dead or alive ? That would make this the 
easiest.

It's not that it's especially hard to write daemons to check routes to 
then change networkconfigurations on the fly, but it's not the cleanest 
solution IMO ;)

And on another note, I'm using iptables to DNAT on my firewall.  Now, an 
unintended side effect is that for web servers (maybe others as well), 
traffic now seems to come from the firewall instead of the actual outside 
ip address.  Is there some way I can get the real ip address to the server 
? I used to do ip-based blocking but that's pretty ineffective now ;)

Thanks,

Thomas

 -- 

The Dave/Dina Project : future TV today ! - http://davedina.apestaart.org/
<-*-                      -*->
"First lesson : you have to treat your kite like a woman."
"You mean, take her home and meet your mom, sir ?"
"No, get inside her five times a day and
 take her to heaven and down again !"
<-*- thomas@apestaart.org -*->
URGent, the best radio on the Internet - 24/7 ! - http://urgent.rug.ac.be/

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/