Andrew Lyon <[EMAIL PROTECTED]> wrote on 10/04/2007 16:34:52:
> >
> >________________________________________
> >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> >Sent: 10 April 2007 15:17
> >To: lartc@mailman.ds9a.nl
> >Subject: Re: [LARTC] equalize / ecmp not working as expected in 2.6 vs
2.4
> >
> >
> >Hi Andrew,
> >
> >I would use a combination with iptables. You should mark the packets,
for
> example using average or n-th, and then use ip rules to send half of the
> packets vía one router and the rest to the other router according to the
> marks you set with iptables.
> >Just a question ¿ dont you have problems with your source IP and the
> returning responses when you are sending packets from one connection
over
> multiple routers ? ¿ do you have something like an AS ?
> >
> >
> >Best regards,
> >Eric Janz
> >
> >
> >Andrew Lyon <[EMAIL PROTECTED]>
> >Enviado por: [EMAIL PROTECTED]
> >10/04/2007 14:36
> >Para
> >"'lartc@mailman.ds9a.nl'" <lartc@mailman.ds9a.nl>
> >cc
> >
> >Asunto
> > [LARTC] equalize / ecmp not working as expected in 2.6 vs 2.4
>
>
>
> Eric,
>
> Could you give me a example of how to do that? With nth if possible...
>
> It is not common for a ISP to support that sort of setup, but they do
> http://aaisp.net.uk/aa/aaisp/multiline.html
>
> Each line has two ips, one for the router and another for the interface
on a
> linux box or other device, the isp routes a larger /28 down both lines,
and
> allows packets with source address in the /28 range to be sent through
both
> lines.
>
> On my linux server I have a routing table for each line with the
necessary
> routes to make each router ip reachable, and a default route that
equalizes
> over both router ips, it worked with 2.4 but with 2.6 it seems to be
> per-flow instead of per packet.
>
> I can login to a control page app on the ISP website and configure which
> lines a given block is routed down, and they also do really good traffic
> monitoring etc http://www.aaisp.net.uk/cqm.html
>
> PS. Please reply below original posting, not above!
> http://en.wikipedia.org/wiki/Top-posting
>
> Andy
>
>
> JOSEDV001TAG
Hi Andy,
thanks for the info. First of all, in order to use the nth match you need
to patch your kernel using patch-o-matic.
After that, the nth match should be available. Try something like this:
Supposing that the local traffic is entering into your linux server via
eth0:
1. Mark the packets using iptables before the routing decision is done:
iptables -t mangle -A PREROUTING -i eth0 -m nth --every 2 --packet
0 -j MARK --set-mark 111
iptables -t mangle -A PREROUTING -i eth0 -m nth --every 2 --packet
1 -j MARK --set-mark 222
2. Setup some rules to jump to the correct routing tables. In this case I
will suppose that you are using the tables 111 and 222 ( obviously you can
use the ones you like )
ip rule add prio 111 fwmark 111 table 111
ip rule add prio 222 fwmark 222 table 222
( you can also set the priority of the rules at your convenience )
3. Setup your routing tables ( in this example 111 and 222 ) to reach each
router as you had with the 2.4 kernel.
[ ... ]
ip route add table 111 default via ROUTER1_IP_ADDRESS
ip route add table 222 default via ROUTER2_IP_ADDRESS
In this case we need no multipath route. Half of all the packets that come
into eth0 are routed using the 111 table and the rest is routed using the
222 table thanks to the marks we set.
The problems you are experiencing with the multipath routing are due to
that the routing decision uses a cache and after a routing decision to a
destination is done, it would always use the same gateway to reach that
destination until the routing caché expires.
I hope this helps,
Regards,
Eric Janz
--
ADVERTENCIA LEGAL
El contenido de este correo es confidencial y dirigido unicamente a su
destinatario. Para acceder a su clausula de privacidad consulte
http://www.barceloviajes.com/privacy
LEGAL ADVISORY
This message is confidential and intended only for the person or entity to
which it is addressed. In order to read its privacy policy consult it at
http://www.barceloviajes.com/privacy
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
