Question: IPROUTES2 Multiple default routes restricted to specific NICs

Question: IPROUTES2 Multiple default routes restricted to specific NICs

Post by zedka » Fri, 24 Dec 2010 18:14:07



Dear all,

*** BACKGROUND
    I have been trying to work out how to configure routing tables on a
server.   The problem I came across is that all traffic that comes in on
one interface has to leave on that interface.

*** THE GOAL
    Below is the routing table that I would like to create. The O/S is
Suse 11.

  # eth0 - 10.254.66.90 netmask 255.255.252.0
  # eth0's default gateway is: 10.254.64.73
  # eth0's gateway for all traffic to or from 10.0.0.0 is: 10.254.64.50
  # --------------------------------------------------
  # eth1 - 10.254.42.13 netmask 255.255.252.0
  # eth1's default gateway is: 10.254.40.73
  # eth1's gateway for all traffic to or from 10.0.0.0 is: 10.254.40.50
  # --------------------------------------------------
  # All netmasks are /22 255.255.252.0
  # All traffic that enters on eth1 should exit on eth1, the same is
true for eth0.  Each NIC is isolated on its own VLAN.

Here is the currently working routes file, that is used with only eth0,
and works:
# cat /etc/sysconfig/network/routes
default 10.254.64.73 255.255.252.0 -
10.0.0.0 10.254.64.50 255.0.0.0 -

*** EARLIER ATTEMPTS AND FAILURE
Using the file above above as a template, I tried to do this with the
usual routing style, but this causes the server to have messed up
routing tables successfully disconnecting the server from the network:
# cat /etc/sysconfig/network/routes
default 10.254.64.73 255.255.252.0 eth0
default 10.254.40.73 255.255.252.0 eth1
10.0.0.0 10.254.64.50 255.0.0.0 eth0
10.0.0.0 10.254.40.50 255.0.0.0 eth1
I do not think this is the best way to go.

*** IPROUTES
I decided that this was not the best way and IPROUTE2 would be the
better choice.

I read that iproutes could be able to perform this, but cannot really
get to grips with the syntax.  I think something could be achieved with
: ip rule add iff eth0 <insert rest of command>, and then use several of
these to route the traffic, but I am very unsure.  I am certain that
there are better ways to do this, but I only typed 'ip rule show' for
the first time last night...

*** CRY FOR HELP
Does anyone know whether what I want is possible, and if so could offer
some advise on how to go about this, because I am pretty lost with this?

Best regards.
Z

--
Please do not reply to my Email address. It is a faux Email address.
*punk FPS/MMORG      www.neocron.com
Runs on Windows, platinum in latest WINE/Ubuntu. Running since 2002.

 
 
 

Question: IPROUTES2 Multiple default routes restricted to specific NICs

Post by zedka » Sat, 25 Dec 2010 00:05:32



Quote:> Dear all,

> *** BACKGROUND
>     I have been trying to work out how to configure routing tables on a
> server.   The problem I came across is that all traffic that comes in on
> one interface has to leave on that interface.

> *** THE GOAL
>     Below is the routing table that I would like to create. The O/S is
> Suse 11.

>   # eth0 - 10.254.66.90 netmask 255.255.252.0
>   # eth0's default gateway is: 10.254.64.73
>   # eth0's gateway for all traffic to or from 10.0.0.0 is: 10.254.64.50
>   # --------------------------------------------------
>   # eth1 - 10.254.42.13 netmask 255.255.252.0
>   # eth1's default gateway is: 10.254.40.73
>   # eth1's gateway for all traffic to or from 10.0.0.0 is: 10.254.40.50
>   # --------------------------------------------------
>   # All netmasks are /22 255.255.252.0
>   # All traffic that enters on eth1 should exit on eth1, the same is
> true for eth0.  Each NIC is isolated on its own VLAN.

> Here is the currently working routes file, that is used with only eth0,
> and works:
> # cat /etc/sysconfig/network/routes
> default 10.254.64.73 255.255.252.0 -
> 10.0.0.0 10.254.64.50 255.0.0.0 -

> *** EARLIER ATTEMPTS AND FAILURE
> Using the file above above as a template, I tried to do this with the
> usual routing style, but this causes the server to have messed up
> routing tables successfully disconnecting the server from the network:
> # cat /etc/sysconfig/network/routes
> default 10.254.64.73 255.255.252.0 eth0
> default 10.254.40.73 255.255.252.0 eth1
> 10.0.0.0 10.254.64.50 255.0.0.0 eth0
> 10.0.0.0 10.254.40.50 255.0.0.0 eth1
> I do not think this is the best way to go.

> *** IPROUTES
> I decided that this was not the best way and IPROUTE2 would be the
> better choice.

> I read that iproutes could be able to perform this, but cannot really
> get to grips with the syntax.  I think something could be achieved with
> : ip rule add iff eth0 <insert rest of command>, and then use several of
> these to route the traffic, but I am very unsure.  I am certain that
> there are better ways to do this, but I only typed 'ip rule show' for
> the first time last night...

> *** CRY FOR HELP
> Does anyone know whether what I want is possible, and if so could offer
> some advise on how to go about this, because I am pretty lost with this?

> Best regards.
> Z

Problem solved at an application level:  Squid:  Force the outgoing IP
to be used by squid (as this is the only application that'll make use of it)
tcp_outgoing_address 1.2.3.4  (or whatever IP it is)

--
Please do not reply to my Email address. It is a faux Email address.
*punk FPS/MMORG      www.neocron.com
Runs on Windows, platinum in latest WINE/Ubuntu. Running since 2002.

 
 
 

Question: IPROUTES2 Multiple default routes restricted to specific NICs

Post by Chris Davie » Sat, 25 Dec 2010 18:24:02



> I have been trying to work out how to configure routing tables on a
> server.
> Below is the routing table that I would like to create
>  # eth0 - 10.254.66.90 netmask 255.255.252.0
>  # eth0's default gateway is: 10.254.64.73
>  # eth0's gateway for all traffic to or from 10.0.0.0 is: 10.254.64.50
>  # --------------------------------------------------
>  # eth1 - 10.254.42.13 netmask 255.255.252.0
>  # eth1's default gateway is: 10.254.40.73
>  # eth1's gateway for all traffic to or from 10.0.0.0 is: 10.254.40.50
>  # --------------------------------------------------
>  # All netmasks are /22 255.255.252.0
>  # All traffic that enters on eth1 should exit on eth1, the same is
> true for eth0.  Each NIC is isolated on its own VLAN.

Which interface should be chosen for traffic originating on
this server destined for targets outside your interface LANs
10.254.66.90/255.255.252.0 and 10.254.42.13/255.255.252.0? For example,
10.1.2.3 or 87.127.161.67.

You *cannot* have two default routes: the default route is by definition
the default for all traffic not explicitly routed.

Quote:> Does anyone know whether what I want is possible, and if so could offer
> some advise on how to go about this, because I am pretty lost with this?

As described, this is not possible. But you may be able to achieve what
you want by thinking your network requirements.

Chris

 
 
 

Question: IPROUTES2 Multiple default routes restricted to specific NICs

Post by Vlad_Inhale » Sat, 25 Dec 2010 21:41:53


Hmm, I tried to something related a while back but never got it to
work.

My situation is: two ISPs, one is unreliable and the other somewhat
better.
I wanted to use a routing protocol rather than a fixed table so that
if one went down, the other one would automatically take up the slack.
One of them has a fixed IP-Adress (the Router is responsible), the
other does not.

I experimented but eventually gave up and used a physical switch,
position A is ISP-1 and B is ISP-2.

Reading your postings here, that is the best I can hope for.  I am
also using Opensuse - the newest version.

 
 
 

1. Default routing over multiple NICs.

I have the following setup:

interface = eth0
address = 192.168.13.1
mask = 255.255.255.0

interface = eth1
address = DHCP configured

At boot, my routing table (seen through netstat -rn, and ignoring the
loopback route) looks like:

192.168.13.0 255.255.255.0 eth0
24.92.29.0 255.255.255.0 eth1

There is no network currently attatched to eth0 but eth1 is on the
cablemodem and sound get all the default traffic.  By running "route add
-net default gw 24.92.29.1 eth1" I can get all default traffic out that
door.  However, if I just disable eth0 and don't add a default route,
all traffic still goes out eth1.

Is there some logic used by the Linux networking layer which says "If
all else fails, just go through the first interface."??

Using RH5.2 I have been unable to get the default traffic to go through
eth1 when both NICs are active.  (Yes, I know, I could change the wires
around and get what I want, but how would I learn anything that way?)
(Also, adding the default routing command to a startup script is an
option, but seems like more of a kludge.)

Paul Braman

2. Two NICs / same IP / Load Balancing?

3. defunct routes (was Re: multiple default routes appear in solaris 2.5.1)

4. SB16ASP install help

5. multiple default route routing

6. Multiple routes to net

7. Multiple default routes on multiple interfaces

8. Printer Drivers

9. multiple default route routing

10. Multiple NIC routing question

11. Starting multiple NICs in a specific order

12. Routing table default route entry question

13. ipnat/routing question: Two default routes?