Hi everyone, I''m new to the list and I''ve got a couple of questions. I''m following instructions here: http://www.samag.com/documents/s=1824/sam0201h/0201h.htm for setting up a dual-connection (T1 & DSL) machine. My problems are: 1) ip route add default equalize doesn''t work - I get:>ip route add default equalizeRTNETLINK answers: No such device or if I do it properly:>ip route add default equalize nexthop via 206.253.195.209 dev eth0nexthop via 64.133.254.73 dev eth2 RTNETLINK answers: Invalid argument 2) Since that didn''t work, I just made my default be via 64.133.254.73. Now I''m running a DNS master server on 206.253.195.209 and while it responds to regular dig just fine, it doesn''t respond to zone transfer (dig axfr ). Or rather, I''ve been told by the guy running the slave server that for whatever reason it responds over the 64.133.254.73 address, although I''m not sure how he found that out - so zone transfers don''t work. I''m aware that #2 _could_ be due to my ipchains configuration being incorrect, but I have poked some pretty big holes for the slave servers. 3) I see Policy Routing Using Linux by Matthew Marsh highly recommended on this site: http://defiant.coinet.com/iproute2/ Are there any books that people would recommend even more highly? I''m finding the command-reference only documentation on the net to be a bit less than I need. Thanks, Paul
Paul, Off hand I would assume that your kernel was not compiled with multipath support. That''s the only reason I can think of off hand why those commands would fail. Now if that is compiled into your kernel, then it could be a problem with you trying to use a IP that your machine does not have routes for. Ex. In order to use 206.253.195.209 and 64.133.254.73 if you type route -n enter, then you should get back something saying 206.253.195.0 dev eth* 64.133.254.0 dev eth* If those entires do not appear in the routing table, then the machine will not know how to reach the IP''s you are using for your multipath gateway. Also, FYI, The article you are referring to is a good one. Mostly for the DNS aspects. For the rest I would recommend the following. http://www.linuxvirtualserver.org/~julian/nano.txt Also there are some patches you will need to apply to your kernel in order to make things work. Aside from the patches the linux router will have to perform some sort of NAT. Then and only then will you be able to use both connections. I spent several months, and many long days and nights going through what does not work. I have found only one working solution. If you look through the LARTC archieves you will see my past posts. Feel free to ask me anything, or simply post to the list and I as well as others will reply. Good luck, hope that helps. On Thu, 2002-06-06 at 12:14, Paul English wrote:> > Hi everyone, > I''m new to the list and I''ve got a couple of questions. I''m > following instructions here: > http://www.samag.com/documents/s=1824/sam0201h/0201h.htm > for setting up a dual-connection (T1 & DSL) machine. My problems are: > > 1) ip route add default equalize doesn''t work - I get: > > >ip route add default equalize > RTNETLINK answers: No such device > > or if I do it properly: > > >ip route add default equalize nexthop via 206.253.195.209 dev eth0 > nexthop via 64.133.254.73 dev eth2 > RTNETLINK answers: Invalid argument > > 2) Since that didn''t work, I just made my default be via 64.133.254.73. > Now I''m running a DNS master server on 206.253.195.209 and while it > responds to regular dig just fine, it doesn''t respond to zone transfer > (dig axfr ). Or rather, I''ve been told by the guy running the slave server > that for whatever reason it responds over the 64.133.254.73 address, > although I''m not sure how he found that out - so zone transfers don''t > work. > > I''m aware that #2 _could_ be due to my ipchains configuration being > incorrect, but I have poked some pretty big holes for the slave servers. > > 3) I see Policy Routing Using Linux by Matthew Marsh highly recommended on > this site: http://defiant.coinet.com/iproute2/ > Are there any books that people would recommend even more highly? I''m > finding the command-reference only documentation on the net to be a bit > less than I need. > > Thanks, > Paul > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >-- Sincerely, William L. Thomson Jr. Obsidian-Studios, Inc. 439 Amber Way Petaluma, Ca. 94952 Phone 707.766.9509 Fax 707.766.8989 http://www.obsidian-studios.com -- Sincerely, William L. Thomson Jr. Support Group Obsidian-Studios Inc. 439 Amber Way Petaluma, Ca. 94952 Phone 707.766.9509 Fax 707.766.8989 http://www.obsidian-studios.com
On Thu, 2002-06-06 at 12:27, William L. Thomson Jr. wrote:> Paul, > Off hand I would assume that your kernel was not compiled with > multipath support. That''s the only reason I can think of off hand why > those commands would fail. > > Now if that is compiled into your kernel, then it could be a problem > with you trying to use a IP that your machine does not have routes for. > > Ex. In order to use 206.253.195.209 and 64.133.254.73 > > if you type route -n enter, then you should get back something saying > > 206.253.195.0 dev eth* > 64.133.254.0 dev eth* > > If those entires do not appear in the routing table, then the machine > will not know how to reach the IP''s you are using for your multipath > gateway. > > Also, FYI, > The article you are referring to is a good one. Mostly for the DNS > aspects. For the rest I would recommend the following. > http://www.linuxvirtualserver.org/~julian/nano.txt > > Also there are some patches you will need to apply to your kernel in > order to make things work. Aside from the patches the linux router will > have to perform some sort of NAT.Here is the url for the pacthes http://www.linuxvirtualserver.org/~julian/#routes> Then and only then will you be able to use both connections. I spent > several months, and many long days and nights going through what does > not work. I have found only one working solution. > > If you look through the LARTC archieves you will see my past posts. Feel > free to ask me anything, or simply post to the list and I as well as > others will reply. > > Good luck, hope that helps. > > > On Thu, 2002-06-06 at 12:14, Paul English wrote: > > > > Hi everyone, > > I''m new to the list and I''ve got a couple of questions. I''m > > following instructions here: > > http://www.samag.com/documents/s=1824/sam0201h/0201h.htm > > for setting up a dual-connection (T1 & DSL) machine. My problems are: > > > > 1) ip route add default equalize doesn''t work - I get: > > > > >ip route add default equalize > > RTNETLINK answers: No such device > > > > or if I do it properly: > > > > >ip route add default equalize nexthop via 206.253.195.209 dev eth0 > > nexthop via 64.133.254.73 dev eth2 > > RTNETLINK answers: Invalid argument > > > > 2) Since that didn''t work, I just made my default be via 64.133.254.73. > > Now I''m running a DNS master server on 206.253.195.209 and while it > > responds to regular dig just fine, it doesn''t respond to zone transfer > > (dig axfr ). Or rather, I''ve been told by the guy running the slave server > > that for whatever reason it responds over the 64.133.254.73 address, > > although I''m not sure how he found that out - so zone transfers don''t > > work. > > > > I''m aware that #2 _could_ be due to my ipchains configuration being > > incorrect, but I have poked some pretty big holes for the slave servers. > > > > 3) I see Policy Routing Using Linux by Matthew Marsh highly recommended on > > this site: http://defiant.coinet.com/iproute2/ > > Are there any books that people would recommend even more highly? I''m > > finding the command-reference only documentation on the net to be a bit > > less than I need. > > > > Thanks, > > Paul > > > > _______________________________________________ > > LARTC mailing list / LARTC@mailman.ds9a.nl > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > > > -- > Sincerely, > William L. Thomson Jr. > Obsidian-Studios, Inc. > 439 Amber Way > Petaluma, Ca. 94952 > Phone 707.766.9509 > Fax 707.766.8989 > http://www.obsidian-studios.com > -- > Sincerely, > William L. Thomson Jr. > Support Group > Obsidian-Studios Inc. > 439 Amber Way > Petaluma, Ca. 94952 > Phone 707.766.9509 > Fax 707.766.8989 > http://www.obsidian-studios.com > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >-- Sincerely, William L. Thomson Jr. Support Group Obsidian-Studios Inc. 439 Amber Way Petaluma, Ca. 94952 Phone 707.766.9509 Fax 707.766.8989 http://www.obsidian-studios.com
> Off hand I would assume that your kernel was not compiled with > multipath support. That''s the only reason I can think of off hand why > those commands would fail.On closer examination that appears to be true. I thought I had installed the kernel (same version) with multipath support, but checksums disagree. On the other hand, it appears that my zone transfer problem was entirely due to my ipchains configuration. :-/ With that fixed everything works fine - except multipath of course. I can live with the current configuration (no multipath) as even without multipath turned on, as long as I have separate routing tables for the T1 and DSL, I can route everything out of the DSL, and incoming customer connections on the T1 are routed right back out the T1 - perfect! Well - almost. Ultimately I will have it set up such that I use 2 DSL for clients MASQ''ed behind the firewall, and the T1 for customers (external connections) only, with some kind of failover setup.> Then and only then will you be able to use both connections. I spent > several months, and many long days and nights going through what does > not work. I have found only one working solution. > > If you look through the LARTC archieves you will see my past posts. Feel > free to ask me anything, or simply post to the list and I as well as > others will reply.I will most definitely do that. With zone transfers working (and email, www, etc) now I can more comfortably research how to get the "ideal" setup. Thanks, Paul