LARTC - Aug 2004 - Finally: A working case of two adsl load balance

First of all i wanna thanks Christoph Simon for the support. 
Only after his reply to my email i could see the real solution to 
the problem (Valeu mesmo cara... me ajudou pra caramba! 
Fico te devendo essa!) :) 
Here is what i learned in a month of research: 
I tried A LOT of things to do load balance, including the one at 
LARTC homepage. The only tutorial that REALLY works in my 
case is the Christoph Simon at http://www.ssi.bg/~ja/nano.txt 
Maybe LARTC can replace the erroneous tutorial at 
http://lartc.org/howto/lartc.rpdb.multiple-links.html with the 
nano.txt. 
I will not write a tutorial, first of all cause my english is very 
bad. Second because the nano.txt tutorial can do the trick. I 
will just give some hints i used here. 
First of all the load balance DOESN´T work without the Julian 
Anastasov route patch. You can get it at: 
http://www.ssi.bg/~ja/#routes So don´t be lazy, get the kernel 
source code, aplly the patch and compile the kernel. 
Pay attention to your nat configuration. In the first attempt I 
had problems cause i forgot to mask the nated ips on the 
postrouting table (this command is the last on my example 
below). 
I used the ip adress of the external interface, not the mask 
for the external network (nano.txt tutorial gives the 2 
options...) 
Be sure that you don´t have a default route on your main 
table. If u have any, delete it! 

I have a linux box with: 
- Kernel 2.6.3 with Julian Anastasov patch to kernel 2.6.0-
2.6.3 http://www.ssi.bg/~ja/routes-2.6.0-test11-10.diff 
- iproute2-ss010824 
- 4 ethernet cards: 
eth0 - internal lan ip range 192.168.1.x 
eth1 - internal lan ip range 192.168.2.x 
eth2 (ppp0) - external adsl with 600 Kb/sec down and 300 
Kb/sec up 
eth3 (ppp1) - external adsl with 600 Kb/sec down and 300 
Kb/sec up 
I have nat and my 2 lan access the internet using the linux 
box as gateway. 
I run 2 rp-pppoe daemon, one for each adsl connection. 
ppp0 ip: 200.101.233.120 
ppp0 gateway: 200.138.225.254 
ppp1 ip: 201.3.219.70 
ppp1 gateway: 201.3.196.254 

Here is the commands i use: 

#table main with priority 50, the highest one 
ip rule add prio 50 table main
#table 201 
ip rule add prio 201 from 201.3.219.70 table 201
ip route add default via 201.3.196.254 dev ppp1 src 
201.3.219.70 proto static table 201
ip route append prohibit default table 201 metric 1 proto static
#table 202 
ip rule add prio 202 from 200.101.233.120 table 202
ip route add default via 200.138.225.254 dev ppp0 src 
200.101.233.120 proto static table 202
ip route append prohibit default table 202 metric 1 proto static
#table 222 
ip rule add prio 222 table 222
ip route add default table 222 proto static nexthop via 
201.3.196.254 dev ppp1 nexthop via 200.138.225.254 dev 
ppp0
#essential masquerade option 
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j 
MASQUERADE 
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j 
MASQUERADE 

Here is the route output: 

[root@localhost root]# route
Tabela de Roteamento IP do Kernel
Destino Roteador MáscaraGen. Opções Métrica Ref Uso Iface
200.138.225.254 * 255.255.255.255 UH 0 0 0 ppp0
201.3.196.254 * 255.255.255.255 UH 0 0 0 ppp1
192.168.2.0 * 255.255.255.0 U 0 0 0 eth1
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo

Here is the ip route list output for the 4 tables (main, 201, 
202, 222): 

[root@localhost root]# ip route list table main
200.138.225.254 dev ppp0 proto kernel scope link src 
200.101.233.120
201.3.196.254 dev ppp1 proto kernel scope link src 
201.3.219.70
192.168.2.0/24 dev eth1 scope link
192.168.1.0/24 dev eth0 scope link
127.0.0.0/8 dev lo scope link
[root@localhost root]# ip route list table 201
default via 201.3.196.254 dev ppp1 proto static src 
201.3.219.70
prohibit default proto static metric 1
[root@localhost root]# ip route list table 202
default via 200.138.225.254 dev ppp0 proto static src 
200.101.233.120
prohibit default proto static metric 1
[root@localhost root]# ip route list table 222
default proto static
nexthop via 200.138.225.254 dev ppp0 weight 1
nexthop via 201.3.196.254 dev ppp1 weight 1

And that´s all! I have a working and very well balanced 
system. I´m getting combined download speed of 120 Kb/sec 
running multiple simultaneous downloads (p2p, html, ftp, etc), 
40 kb/sec simultaneous upload speed. I can play online 
games without problems. MSN/ICQ remains connected all the 
time using the same ip address. No packet loss problems.The 
two 600/300 lines really looks very similar to a 1200/600 line. 
It´s really wonderful. 
I hope this can help someone. The load balance isn´t so hard 
to do when you know which commands you really need. I did 
it, why can´t you do it too? :) 
Fernando Favero 
favero@grad.ufsc.br
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Cytowanie favero@grad.ufsc.br:
> First of all i wanna thanks Christoph Simon for the support. 
> Only after his reply to my email i could see the real solution to 
> the problem (Valeu mesmo cara... me ajudou pra caramba! 
> Fico te devendo essa!) :) 
> Here is what i learned in a month of research: 
Great job indeed, 
my comments below:

Since few months same thing as yours is published by me at
http://www.ssi.bg/~ja/tmp/mpath2.sh
it also took a lot, a lot of research,
and your job just confirmes that it is the right way :) I''m glad about
it.
> I tried A LOT of things to do load balance, including the one at 
> LARTC homepage. The only tutorial that REALLY works in my 
> case is the Christoph Simon at http://www.ssi.bg/~ja/nano.txt 
The right place :)
> Maybe LARTC can replace the erroneous tutorial at 
> http://lartc.org/howto/lartc.rpdb.multiple-links.html with the 
> nano.txt. 
Definitely YES. YES. YES. It''s not the problem of errors in lartc, but
it''s just
incomplete
> I will not write a tutorial, first of all cause my english is very 
> bad. Second because the nano.txt tutorial can do the trick. I 
> will just give some hints i used here. 
Maybe it would be worth of to write it again :) Cause this problem 
still exists on the list (does the people asking read the archives?,
solution was published Oct 2003 by me, and I think it wasn''t the first
one)
> First of all the load balance DOESN´T work without the Julian 
> Anastasov route patch. You can get it at: 
> http://www.ssi.bg/~ja/#routes So don´t be lazy, get the kernel 
> source code, aplly the patch and compile the kernel. 
Yeah, and the lines with append prohibit default and correct routing of 
packets with already defined source address is the most important thing.
You forget about those parts and nothing will EVER work correctly.
> Pay attention to your nat configuration. In the first attempt I 
> had problems cause i forgot to mask the nated ips on the 
> postrouting table (this command is the last on my example 
> below). 
Of course it works with SNAT also
> I used the ip adress of the external interface, not the mask 
> for the external network (nano.txt tutorial gives the 2 
> options...) 
> Be sure that you don´t have a default route on your main 
> table. If u have any, delete it! 
[example snipped out :) can be found in archives :) ]
 
> 
> And that´s all! I have a working and very well balanced 
> system. I´m getting combined download speed of 120 Kb/sec 
> running multiple simultaneous downloads (p2p, html, ftp, etc), 
> 40 kb/sec simultaneous upload speed. I can play online 
> games without problems. MSN/ICQ remains connected all the 
> time using the same ip address. No packet loss problems.The 
> two 600/300 lines really looks very similar to a 1200/600 line. 
> It´s really wonderful. 
> I hope this can help someone. The load balance isn´t so hard 
> to do when you know which commands you really need. I did 
> it, why can´t you do it too? :) 
I did :) My real setup is: 

5 eths, 1 local, 4 uplinks, 
14Mbits combined downlink, 11Mbits uplink
dual xeon 2.4 HT machine with squid on it
policy routing for solving some strange cases with particular applications
(see my previous posts) and QoS for fair share HTB/ESFQ (ESFQ with own
modifications for queues by source ip in egress after NAT-ing - fw hash)
> Fernando Favero 
> favero@grad.ufsc.br
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> 

-- 
Robert Kurjata     mailto:rkurjata@ire.pw.edu.pl


-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/