I got a problem with ip aliasing. I''ve an interface (eth0) and its address (eg. 195.150.0.11) routed throught 195.150.0.1 I made an alias 193.144.0.11 too (eth0:1) but I have to route the second subnet trought an other router (193.144.0.1) the main problem is, that I cannot make two default routes... I dont know really what to in this case ---------- | | eth0 (195.150.0.11)----------------[router: 195.150.0.11]-------------INET | | eth0:1 (193.144.0.11)---------------[router: 193.144.0.11]-------------INET --------- =====================Meretei Balázs noxy@icw.hu
Meretei Balázs wrote:> I''ve an interface (eth0) and its address (eg. 195.150.0.11) routed > throught 195.150.0.1 > I made an alias 193.144.0.11 too (eth0:1) > but I have to route the second subnet trought an other router (193.144.0.1)I''m pretty sure you need source-based routing here. (or is that policy-based ?) you setup 2 routing tables, and then make rules that say packets from 195.150.0.0 go into one (which has a default gateway of 195.150.0.1) and packets from the other network go into the second routing table, with a gw of 193.144.0.1 take a look at: http://lartc.org/howto/lartc.rpdb.html#LARTC.RPDB.SIMPLE and maybe: http://linux-ip.net/html/ch-routing.html http://linux-ip.net/gl/ip-cref/ it''s pretty easy once you work out what needs to happen. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Damion de Soto - Software Engineer email: damion@snapgear.com SnapGear --- ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliances web: http://www.snapgear.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Meretei,
: I''ve an interface (eth0) and its address (eg. 195.150.0.11) routed
: throught 195.150.0.1 I made an alias 193.144.0.11 too (eth0:1) but I
: have to route the second subnet trought an other router (193.144.0.1)
:
: the main problem is, that I cannot make two default routes... I dont
: know really what to in this case
Damion was correct when he suggested that policy routing would be a good
solution for you. He suggested reading lartc.org [0] and also a chapter
in my (incomplete) book; the chapter on routing [1]. Together these two
resources should give you a good idea of how the solution works. Policy
routing leverages multiple routing tables and a policy database. The
lookups in the policy database select the routing table to apply for a
particular packet. With a careful design of your routing tables, you can
easily have two or more default routes, depending on the characteristics
of the outbound packet.
: +--------+
: | linux | eth0 (195.150.0.11) -- [router: 195.150.0.1] -- INET
: | router | eth0:1 (193.144.0.11) -- [router: 193.144.0.1] -- INET
: +--------+
I assume that you are only showing us the networks connected to this
router, and that there are no others. If that is the case, then my
following statements hold.
For you, the pitfall and difficulty will likely have more to do with
ensuring that the packets are sourced from the correct IP. This will be
trivial if you are running servers on 195.150.0.11 and 193.144.0.11, but
may be more difficult if you are trying to select outbound path from
userspace. This could depend on your application supporting the call to
bind to a particular IP.
In particular, you''ll want to examine the kernel''s rules for
selecting a
source IP if it is not specified by the application [2].
If eth0 is your preferred link, then this should work for you as a
starting point:
echo secondary >> /etc/iproute2/rt_tables
ip rule add from 193.144.0.11 table secondary
ip route flush table secondary
ip route show table main | while read ROUTE ; do
ip route add table secondary $ROUTE
done
ip route change default table secondary via 193.144.0.1
One other note. The use of the term IP aliasing is archaic and
deprecated. The command "ifconfig" displays "aliased"
interfaces with
the old-style name "eth0:0", when, in fact, there is no such thing as
an
alias under Linux. This is immediately obvious when using the "ip
address" command line tool to list addresses associated with a particular
interface.
-Martin
[0] http://lartc.org/howto/lartc.rpdb.html#LARTC.RPDB.SIMPLE
[1] http://linux-ip.net/html/ch-routing.html
[2] http://linux-ip.net/gl/ip-cref/node155.html
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi, Sorry the subject OOT. Anyone know about html based (using mrtg) for traffic report that show per service traffic. Thanx. Regards, Kris _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi.I new to this so forgive me for errors What about ntop? On Tue, 2003-11-11 at 12:10, Kristiadi Himawan wrote:> Hi, > Sorry the subject OOT. > Anyone know about html based (using mrtg) for traffic report that show per > service traffic. > > Thanx. > > Regards, > > Kris > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Tuesday 11 November 2003 15:44, Eddie wrote:> Hi.I new to this so forgive me for errors > What about ntop?Ntop can be used. It even has an output function so you can use rrdtool (the mrtg backend) to create graphs. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.openprojects.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/