Hi all,
I have a similar question like many asked before, I know, but please
help as I can't figure out where the problem is and how I should tackle it.
I have 2 ISP connections. I want to share the bandwidth from both. I have
copied the script from many places and created my own after changes. The problem
is that only one connection is utilized at a time, not both. The ratio
of bandwidth consumed between them is around 1:30.
Both connections are from DHCP, that is, dynamic. The configuration from 1 ISP
remains the same and from 1 changes.
EXTERNAL_IP_2="201.81.219.95"
EXTERNAL_NETWORK_2="201.81.219.0"
EXTERNAL_GATEWAY_IP_2="201.81.219.1"
echo 200 T1 >> /etc/iproute2/rt_tables
echo 201 T2 >> /etc/iproute2/rt_tables
ip route add 192.168.1.0 dev eth1 src 192.168.1.2 table T1
ip route add default via 192.168.1.1 table T1
ip route add $EXTERNAL_NETWORK_2 dev eth2 src $EXTERNAL_IP_2 table T2
ip route add default via $EXTERNAL_GATEWAY_IP_2 table T2
ip route add 192.168.3.0 dev eth0 table T1
ip route add 192.168.1.0 dev eth1 table T1
ip route add 127.0.0.0/8 dev lo table T1
ip route add 192.168.3.0 dev eth0 table T2
ip route add $EXTERNAL_NETWORK_2 dev eth2 table T2
ip route add 127.0.0.0/8 dev lo table T2
ip route add 192.168.1.0 dev eth1 src 192.168.1.2
ip route add $EXTERNAL_NETWORK_2 dev eth2 src $EXTERNAL_IP_2
ip route add default via $EXTERNAL_GATEWAY_IP_2
ip rule add from 192.168.1.2 table T1
ip rule add from $EXTERNAL_IP_2 table T2
ip route add default scope global nexthop via 192.168.1.1 dev eth1 weight 1 \
    nexthop via $EXTERNAL_GATEWAY_IP_2 dev eth2 weight 2
route command output is
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.255 UH    0      0        0 eth1
192.168.3.0     *               255.255.255.0   U     0      0        0 eth0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
201.81.219.0    *               255.255.255.0   U     0      0        0 eth2
default         201.81.219.1    0.0.0.0         UG    0      0        0 eth2
Problem is that the interface which is set gateway is used only. The other
one remains idle.
--
Regards,
Arman
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Hi,

You should change your last rule for something like this:

ip route add equalize default nexthop via 192.168.1.1 dev eth0 \
    nexthop via 201.81.219.1 dev eth2

It works fine for load balancing, but when a failure occurs on one
line, what happens? If one line is down, the change is too slow, and
the cache for the route is still there, and when I want this host again
the old route is through the "down" line.

I have a script which runs via ping and cron; when the next hop is down,
the Linux box will change to use one line.

--
"The network is the computer"
That's fine, but the primary problem is that only one connection is used at a time, and I want to utilize both at the same time. Please guide.
Hi,

>Thats fine but primary problem is that only one connection is used at a
>time but I want to utilize both at the same time. Please guide

You have iptables based options to solve this problem:

1) You can use u32 module to mark and then route packets based on the
destination address

example use of u32:
$IPT -t mangle -A FORWARD -m u32 --u32 "16&0x0001=0x0000" -j MARK --set-mark 0x10
(packets to addresses with last bit UNSET will be marked with 0x10 value)
$IPT -t mangle -A FORWARD -m u32 --u32 "16&0x0001=0x0001" -j MARK --set-mark 0x11
(packets to addresses with last bit SET will be marked with 0x10 value)

Then you add routing policy rules:
ip ru add fwmark 0x10 table T1 prio 100
ip ru add fwmark 0x11 table T2 prio 100

2) You can use statistics and connmark module to balance connections
between two links

Sorry, no fish here, only fishing rod. I don't have a working config
similar to what you need and making something up would be too time
consuming.

connmark module:
http://home.regit.org/?page_id=7

statistic module:
it's poorly documented, but you can use it like that...
"-m statistic --mode random --probability PERCENT"

Basic idea is to mark some percent of NEW connection with mark 0x10 and
rest with 0x11. Then you add policy routes like in example above.

Good luck.

Cheers,
Marek Kierdelewicz
KoBa ISP
I get the following error when I run the command

iptables -t mangle -A FORWARD -m u32 --u32 "16&0x0001=0x0000" -j MARK --set-mark 0x10

error> iptables v1.2.11: Couldn't load match `u32':/lib/iptables/libipt_u32.so: cannot open shared object file: No such file or directory

I'm using FC3, Linux kernel 2.6.9-1.667.

Any further pointers?
On Sun, Sep 02, 2007 at 03:25:11PM +0500, Arman wrote:
> ---------- Forwarded message ----------
> From: "Jorge Evangelista" <netsecuredata@gmail.com>
> To: lartc@mailman.ds9a.nl
> Date: Sat, 1 Sep 2007 18:33:35 -0500
> Subject: Re: [LARTC] 2 ISP connection sharing problem
>
> It works fine for load balancing, but when a failure occurs on one
> line, what happens? if one line is down the change it is too slow, and
> the cache for the route is still there and when I want this Host again
> the old route is through from the "down" line.
>
> I have a script which runs via ping and cron when next hop is down,
> the box linux will change to use one line.

I have something similar, but my problem is conntrack/natting. Once a
stream is up and running, conntrack remembers which external ip and tries
to route out that one until the connection is closed - which it will not
be until it gets an rst/finish. This can take a while to settle down -
wait for all the timers to run out...
Hi,
Is there not any workaround to tackle this? I don't want to do such
things on a live server. Like, is there not any specific patch or libs to
update instead of compiling the kernel?
Hi,
>error> iptables v1.2.11: Couldn't load match
>`u32':/lib/iptables/libipt_u32.so: cannot open shared object file: No
>such file or directory
>
>I m using FC3 Linux Kernel 2.6.9-1.667
U32 module is not available in vanilla kernels and your kernel probably
lacks it too. You should ask for help on Fedora groups. Maybe there are
network-oriented prebuilt kernels available. Remember that you'll also
need iptables support for u32 module.
Alternative is to:
- download vanilla kernel source
- download iptables source
- download patch-o-matic-ng
- patch kernel&iptables source with u32 patch from patch-o-matic-ng
- compile&install new kernel, modules and iptables
Marek Kierdelewicz
I have divided my network into 2 parts now that is 193.168.3.127/25 and
192.168.3.128/25. I want to route part1 to ISP1 and Part 2 to ISP2. I have
made changes into rules. But I think my Tables T1,T2 are not used and
default table is in use. How can I command to use tables T1,T2 instead of
default table. route command output is
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.3.0     *               255.255.255.0   U     0      0        0 eth0
203.81.213.0    *               255.255.255.0   U     0      0        0 eth2
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth2
default         203.81.213.1    0.0.0.0         UG    0      0        0 eth2
--
Regards,
Arman
Arman,
: I have divided my network into 2 parts now that is
: 193.168.3.127/25 and 192.168.3.128/25.
According to this output, below, you have not divided your /24 into
two different networks, and it's really not clear exactly what you
are asking. Neither of these show up in your routing table:
192.168.3.0/25 (netmask 255.255.255.128)
192.168.3.128/25 (netmask 255.255.255.128)
: Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
: 192.168.3.0     *               255.255.255.0   U     0      0        0 eth0
: 203.81.213.0    *               255.255.255.0   U     0      0        0 eth2
: 192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
: 169.254.0.0     *               255.255.0.0     U     0      0        0 eth2
: default         203.81.213.1    0.0.0.0         UG    0      0        0 eth2
: I want to route part1 to ISP1 and Part 2 to ISP2.
Without further data ("ip rule show", "ip route show table $ALT") we
cannot know which interface your ISP2 is reachable through.
: I have made changes into rules. But I think my Tables T1,T2 are
: not used and default table is in use. How can I command to use
: tables T1,T2 instead of default table. route command output is
There are a number of resources you might wish to examine first. I
would recommend first understanding the RPDB lookup mechanism [0]
and then following the steps for multiple uplinks in the (venerable)
LARTC documentation [1].
You may find it fruitful to simulate the route lookup on a
packet by packet basis by learning how to use the "ip route get"
command:
# ip route get iif eth4 70.14.115.3 from XX.YY.204.58
70.14.115.3 from XX.YY.204.58 via XX.YY.204.1 dev eth8 src 192.168.4.1
cache <src-direct> mtu 1500 advmss 1460 metric10 64 iif eth4
# ip route get iif eth3 70.14.115.3 from 192.168.3.117
70.14.115.3 from 192.168.3.117 via XX.YY.204.1 dev eth7 src 192.168.3.1
cache <src-direct> mtu 1500 advmss 1460 metric10 64 iif eth3
Good luck,
-Martin
[0] http://linux-ip.net/html/routing-selection.html
http://linux-ip.net/html/routing-selection.html#routing-selection-adv
[1] http://lartc.org/howto/lartc.rpdb.multiple-links.html
--
Martin A. Brown
http://linux-ip.net/
Hi

>I have divided my network into 2 parts now that is 193.168.3.127/25 and
>192.168.3.128/25. I want to route part1 to ISP1 and Part 2 to ISP2. I
>have made changes into rules. But I think my Tables T1,T2 are not used
>and default table is in use. How can I command to use tables T1,T2

What is the output of "ip ru sh" command on your router?

cheers,
Marek Kierdelewicz
On Mon, 3 Sep 2007 22:57:06 +0500
Arman <arman.anwar@gmail.com> wrote:

> I have divided my network into 2 parts now that is 193.168.3.127/25 and
> 192.168.3.128/25. I want to route part1 to ISP1 and Part 2 to ISP2. I have
> made changes into rules. But I think my Tables T1,T2 are not used and
> default table is in use. How can I command to use tables T1,T2 instead of
> default table.

What is in rules?
ip rule list

You need there:
xxxx: from 193.168.3.127/25 lookup T1
xxxx: from 193.168.3.128/25 lookup T2

Then you need NAT.
That is all...

--
With best regards, Pan'ko Alexander.
Hi Arman,

If you want to route part1 to ISP1 and Part 2 to ISP2, you should have
the following rules:

ip rule add from 193.168.3.0/25 to 0.0.0.0/0 table 100
ip route add default via 192.168.1.1 table 100
ip rule add from 192.168.3.128/25 to 0.0.0.0/0 table 200
ip route add default via 203.81.213.1 table 200

--
"The network is the computer"
Hi all,
I am now testing on the simplest scenario. I have an IP 192.168.3.5 on
intranet. I want to route it through ISP1. All other traffic will go through
ISP2, which is the default gateway on the machine, so I don't need to add any rule for
that. I have executed the following commands
----
echo 150 ISP1 >> /etc/iproute2/rt_tables
ip rule add from 193.168.3.5/32 to 0.0.0.0/0 table ISP1
ip route add default via 192.168.1.1 table ISP1
ip route flush cache
----
Following is the tables state
[root@localhost ~]# ip rule list
0: from all lookup local
32764: from 193.168.3.5 lookup ISP1
32765: from 193.168.3.5 lookup ISP1
32766: from all lookup main
32767: from all lookup default
[root@localhost ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.3.0     *               255.255.255.0   U     0      0        0 eth0
203.81.198.0    *               255.255.255.0   U     0      0        0 eth2
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
default         203.81.194.24   0.0.0.0         UG    0      0        0 eth2
[root@localhost ~]# ip route list table ISP1
default via 192.168.1.1 dev eth1
system is natted.
I have checked for ip 192.168.3.5 but this is still from default gateway.
Not going my settings. Internet is working for 192.168.3.5 but through ISP2.
Will I have to do something with main table?
--
Regards,
Arman
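
A small simulation of the RPDB lookup discussed in this thread, added here as an example and not code from any of the posters: it walks the posted "ip rule list" output in priority order and does a longest-prefix match in each table, showing which rule a forwarded packet with a given source address and fwmark actually hits. The table contents are transcribed from the listings above; the empty local table, the sample destination and the RULES_FWMARK rule set are assumptions made for illustration.

```python
import ipaddress
import re

# "ip rule list" output as posted in the message above.
RULES_POSTED = """\
0:      from all lookup local
32764:  from 193.168.3.5 lookup ISP1
32765:  from 193.168.3.5 lookup ISP1
32766:  from all lookup main
32767:  from all lookup default
"""

# Constructed for illustration: the fwmark rule style suggested earlier in
# the thread, pointed at the ISP1 table instead of T1.
RULES_FWMARK = """\
0:      from all lookup local
100:    from all fwmark 0x10 lookup ISP1
32766:  from all lookup main
32767:  from all lookup default
"""

RULE_RE = re.compile(r"^(\d+):\s+from (\S+)(?: fwmark (\S+))? lookup (\S+)$")


def parse_rules(text):
    """Parse `ip rule list` lines into (prio, src_net, fwmark, table) tuples."""
    rules = []
    for line in text.strip().splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            raise ValueError(f"unrecognised rule line: {line!r}")
        prio, src, mark, table = m.groups()
        net = None if src == "all" else ipaddress.ip_network(src, strict=False)
        rules.append((int(prio), net, int(mark, 16) if mark else None, table))
    return sorted(rules, key=lambda r: r[0])  # stable: equal priorities keep order


def parse_table(lines):
    """Turn `ip route` style lines into (network, original line) pairs."""
    routes = []
    for line in lines:
        prefix = line.split()[0]
        net = ipaddress.ip_network("0.0.0.0/0" if prefix == "default" else prefix)
        routes.append((net, line))
    return routes


# Transcribed from the `route` and `ip route list table ISP1` output above.
# Assumption: the local table is left empty, since only forwarded traffic to
# remote destinations is simulated here.
TABLES = {
    "local": [],
    "ISP1": parse_table(["default via 192.168.1.1 dev eth1"]),
    "main": parse_table([
        "192.168.3.0/24 dev eth0",
        "203.81.198.0/24 dev eth2",
        "192.168.1.0/24 dev eth1",
        "169.254.0.0/16 dev eth1",
        "default via 203.81.194.24 dev eth2",
    ]),
    "default": [],
}


def lookup(rules, tables, src, dst, mark=0):
    """Walk the rules in priority order; the first rule whose selectors match
    AND whose table holds a route for dst wins (longest prefix in that table)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for prio, net, fwmark, table in rules:
        if net is not None and src not in net:
            continue  # source selector does not match this packet
        if fwmark is not None and fwmark != mark:
            continue  # packet does not carry the mark the rule asks for
        hits = [(n, line) for n, line in tables.get(table, []) if dst in n]
        if hits:
            return prio, table, max(hits, key=lambda h: h[0].prefixlen)[1]
    return None  # no rule produced a route: destination unreachable


if __name__ == "__main__":
    dst = "70.14.115.3"  # sample remote destination (assumption)
    for src in ("192.168.3.5", "193.168.3.5"):
        print(src, "->", lookup(parse_rules(RULES_POSTED), TABLES, src, dst))
    print("mark 0x10 ->",
          lookup(parse_rules(RULES_FWMARK), TABLES, "192.168.3.5", dst, 0x10))
```

With the posted rules, a packet from 192.168.3.5 passes over priorities 32764 and 32765, whose selector is 193.168.3.5, and is routed by the main table. On the router itself, "ip route get" performs the same lookup against the live rules and tables.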
Here is my natting script
--------------
IPTABLES=/sbin/iptables
echo 1 > /proc/sys/net/ipv4/ip_forward
$IPTABLES -F
$IPTABLES -t nat -F
/sbin/modprobe ip_nat_ftp
INTERNAL_NETWORK="192.168.3.0/24"
$IPTABLES -t nat -A POSTROUTING -s $INTERNAL_NETWORK -o eth2 -j MASQUERADE
$IPTABLES -t nat -A POSTROUTING -s $INTERNAL_NETWORK -o eth1 -j MASQUERADE
$IPTABLES -A INPUT -i eth0 -s $INTERNAL_NETWORK -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i eth0 -o eth2 -s $INTERNAL_NETWORK -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i eth0 -o eth1 -s $INTERNAL_NETWORK -m state --state ESTABLISHED,RELATED -j ACCEPT
-------------------

On 9/5/07, Pan'ko Alexander <pankoAA@yandex.ru> wrote:
>
> On Tue, 4 Sep 2007 22:55:17 +0500
> Arman <arman.anwar@gmail.com> wrote:
>
> > [root@localhost ~]# ip route list table ISP1
> > default via 192.168.1.1 dev eth1
>
> I have very nearest configuration and it is working
>
> > system is natted.
>
> What and how is natted?
>
> The right is:
> iptables -t nat -A POSTROUTING -s 192.168.3.5 -j MASQUERADE
>
> Or
> iptables -t nat -A POSTROUTING -s 192.168.3.5 -j SNAT --to-source (ip of eth1)
>
> May be you have
> iptables -t nat -A POSTROUTING -s 192.168.3.0/24 -j SNAT --to-source (ip of eth2)
> It is wrong.
>
> Try to determine routing by tcpdump -i ethX.
>
> > I have checked for ip 192.168.3.5 but this is still from default gateway.
> > Not going my settings. Internet is working for 192.168.3.5 but through ISP2.
> > Will I have to do something with main table?
>
> --
> With best regards, Pan'ko Alexander.

--
Regards,
Arman Anwar