* [LARTC] 1+1 HA gateway
@ 2001-07-12 14:47 RoMaN SoFt / LLFB!!
2001-07-12 18:20 ` Mike Fedyk
2001-07-13 16:41 ` Mike Fedyk
0 siblings, 2 replies; 3+ messages in thread
From: RoMaN SoFt / LLFB!! @ 2001-07-12 14:47 UTC (permalink / raw)
To: lartc
Hi.
I need to setup "one route" to a certain destination network (indeed
it's another LAN, which I want to connect to, i.e. I'm creating a
simple VPN). I have 2 possible gateways:
a) Fast (through an ADSL line via 192.168.7.254. This is a CIPE
connection)
b) Slow (through a RDSI line via 192.168.5.3. This is pure PPP)
The situation I'm looking for is having two real routes to the
destination network (via the fast gateway and the slow one
respectively) but only the first (=fast) one is used in normal
conditions. The second (=slow) one will only be used in case the first
breaks (i.e. failover mode).
I've tried to enter two different routes to the same destination and
it seems not to be permitted:
goliat:/etc/iproute2 # ip route list table roman
192.168.7.254 dev cipcb0 scope link
default via 192.168.5.1 dev eth1
goliat:/etc/iproute2 # ip route add 192.168.1.0/24 via 192.168.7.254
table roman
goliat:/etc/iproute2 # ip route add 192.168.1.0/24 via 192.168.5.3
table roman
RTNETLINK answers: File exists
Nevertheless I've checked the main table and I can see "duplicated"
routes (these were introduced by the "route" command):
goliat:/etc/iproute2 # ip route list
62.22.78.68 via 192.168.5.1 dev eth1
62.22.78.68 via 192.168.5.2 dev eth1
192.168.7.254 dev cipcb0 proto kernel scope link src 192.168.6.254
192.168.5.0/24 dev eth1 proto kernel scope link src 192.168.5.200
192.168.3.0/24 via 192.168.5.3 dev eth1
192.168.2.0/24 via 192.168.5.3 dev eth1
192.168.1.0/24 via 192.168.5.3 dev eth1
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.200
127.0.0.0/8 dev lo scope link
default via 192.168.5.1 dev eth1
goliat:/etc/iproute2 #
Note the 62.22.78.68 route. Now it is permitted !
Is this last one a multipath route or what am I missing?
Is it possible to reach the failover state I'm looking for? Any
experiences with that?
Another possible case (perhaps it works) would be to set up a
multipath route and use a very high metric for the slow gateway, but
this is not exactly what I want 'cause I want the slow gateway to be
used IF and ONLY IF the fast one is down.
Please, help. Thx in advance.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
** RoMaN SoFt / LLFB **
roman@madrid.com
http://pagina.de/romansoft
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] 1+1 HA gateway
2001-07-12 14:47 [LARTC] 1+1 HA gateway RoMaN SoFt / LLFB!!
@ 2001-07-12 18:20 ` Mike Fedyk
2001-07-13 16:41 ` Mike Fedyk
1 sibling, 0 replies; 3+ messages in thread
From: Mike Fedyk @ 2001-07-12 18:20 UTC (permalink / raw)
To: lartc
On Thu, Jul 12, 2001 at 04:47:57PM +0200, RoMaN SoFt / LLFB!! wrote:
>
> Hi.
>
> I need to setup "one route" to a certain destination network (indeed
> it's another LAN, which I want to connect to, i.e. I'm creating a
> simple VPN). I have 2 possible gateways:
> a) Fast (through an ADSL line via 192.168.7.254. This is a CIPE
> connection)
> b) Slow (through a RDSI line via 192.168.5.3. This is pure PPP)
>
> The situation I'm looking for is having two real routes to the
> destination network (via the fast gateway and the slow one
> respectively) but only the first (úst) one is used in normal
> conditions. The second (=slow) one will only be used in case the first
> breaks (i.e. failover mode).
>
I believe the only way for the kernel to recognize that there has been
a failure, is the ethernet card detecting a line drop. If you can be
sure that when the link goes down that this happens, you won't need
anything else except for the right rules in your routing setup.
If your setup won't do this, you'll need a script that actively checks
for connectivity, or for more complicated setups a routing protocol.
If I'm wrong, someone please let me know.
Mike
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] 1+1 HA gateway
2001-07-12 14:47 [LARTC] 1+1 HA gateway RoMaN SoFt / LLFB!!
2001-07-12 18:20 ` Mike Fedyk
@ 2001-07-13 16:41 ` Mike Fedyk
1 sibling, 0 replies; 3+ messages in thread
From: Mike Fedyk @ 2001-07-13 16:41 UTC (permalink / raw)
To: lartc
On Fri, Jul 13, 2001 at 09:53:24AM +0200, RoMaN SoFt / LLFB !! wrote:
> On Thu, 12 Jul 2001 11:20:18 -0700, you wrote:
>
> >> The situation I'm looking for is having two real routes to the
> >> destination network (via the fast gateway and the slow one
> >> respectively) but only the first (úst) one is used in normal
> >> conditions. The second (=slow) one will only be used in case the first
> >> breaks (i.e. failover mode).
> >
> >I believe the only way for the kernel to recognize that there has been
> >a failure, is the ethernet card detecting a line drop. If you can be
> >sure that when the link goes down that this happens, you won't need
> >anything else except for the right rules in your routing setup.
>
> I forgot to say that I also tried to use metric: two routes with
> different metric (one with default metric [0, isn't it] and the other
> one with metric 10). This time I could enter the two routes to the
> same destination but when the first gateway lose connectivity it seems
> not to be detected. I'll keep on doing some testing.
>
> I read in this list's archives that the kernel routing code should
> detect if the gateway is ok and in negative case switch to another
> route (with greater metric). How does it work exactly? Which type of
> checks are performed?
>
I don't really know. I haven't seen any traffic on the network that
seems to try to detect connectivity.
> Mike, the issue is not to detect when ethernet is broken (this is a
> feature of the network card and it is used, for instance, in "bonding"
> driver; indeed in that case my problem would be solved using this
> driver in backup mode) but detecting when the destination network is
> not reachable. So the gateway itself could be ok (it could have its
> "receiving" ethernet up, I mean, my linux router [which I'm trying to
> config] can reach the gateway) but its output line could be down
> avoiding a correct deliver of packets (gateway can reach destination
> network).
>
> Is it absolutely necessary to use a routing daemon in my case? Or the
> metric trick should be sufficient for me?
>
I would guess that the kernel would need some icmp message sent to it
to detect that a route is down. Like "dest unreachable" from the
first hop.
In my case, I have a bridged DSL connection, and if the link goes
down, I won't get the icmp either. I have another routed dsl
connection, but I haven't tested with that yet. With the bridged
line, the packets go out, and don't get any response. The kernel
doesn't do anything in this case.
Do you know anything about C or C++ coding? If so, you could take a
look at the routing code yourself and maybe get an idea of what is
going on.
My guess is that it requires dest-unreach to work. It'd change in the
routing cache, and you wouldn't see anything in your other tables
change.
Mike
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2001-07-13 16:41 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2001-07-12 14:47 [LARTC] 1+1 HA gateway RoMaN SoFt / LLFB!!
2001-07-12 18:20 ` Mike Fedyk
2001-07-13 16:41 ` Mike Fedyk
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.