Re: [LARTC] Aliases and Multipath
Guillermo Gomez wrote: By the way, what's the behaviour of multipath routing if one of the providers goes down ? Should i take care manually to take it out from the multipath ? I think it will still try to be routed out the link that is down. The linux kernel only removes routes if the actual eth device goes down. You'll need some way of determining which links are down and removing the routes. have you read: http://www.ssi.bg/~ja/nano.txt You probabaly don't want to use all of that, but some parts will be suitable. Regards, -- ~~~ Damion de Soto - Software Engineer email: [EMAIL PROTECTED] SnapGear - A CyberGuard Company ---ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliancesweb: http://www.snapgear.com ~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Aliases and Multipath
On Thursday, 04 December 2003, at 11:06:58 -0400, Guillermo Gomez wrote: Does anyone know if i can use ethernet aliases like eth0:1 in advanced routing like multipath routing in order to avoid to have nxEthernet interfaces in my Linux box. I think it is always better to think in ip terms instead of in ifconfig terms with respect to multiple IP addresses assigned to the same network interface. I don't know exactly for ifconfig, but the syntax for ip address states clearly what seems to be happening behind the scenes: # ip address add 172.16.1.1/24 broad + dev eth1 # ip address add 172.16.2.1/24 broad + dev eth1 # ip address add 172.16.3.1/24 broad + dev eth1 So what you are doing is assigning several IP to the same physical interface, and you deal just with IP, anything else. # ip address show dev eth1 2: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:05:1c:09:f2:14 brd ff:ff:ff:ff:ff:ff inet 192.168.1.12/24 brd 192.168.1.255 scope global eth0 inet 172.16.1.1/24 brd 172.16.1.255 scope global eth0 inet 172.16.2.1/24 brd 172.16.2.255 scope global eth0 inet 172.16.3.1/24 brd 172.16.3.255 scope global eth0 Greetings. -- Jose Luis Domingo Lopez Linux Registered User #189436 Debian Linux Sid (Linux 2.6.0-test10-mm1) ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Aliases and Multipath
Got it, thanks Damion It was so easy to think in using directly ethx:y in iptables :( Anyway,my point is that i need to do SNAT in a three ISP environment with multipath routing to balance the outgoing traffic. So far i decided to go with separate Ethernet cards so i will go back to the aliasing thing later. Now i will do NAT with iptables in separate cards in POSTROUTING chain (after routing decision has taken). By the way, what's the behaviour of multipath routing if one of the providers goes down ? Should i take care manually to take it out from the multipath ? Guillermo On Sun, 2003-12-07 at 20:37, Damion de Soto wrote: Hi Guillermo, iptables just does not likes eth0:1 neither eth0:2, is this the right behaviour of iptables or what? i read something about NAT in advance routing engine but never used before and i'm little confuse on how it works. Will it crash with iptables NAT engine? As far as I know, the ethX:X terminology is just for ifconfig usage. Inside the kernel, eth0:1 is exactly the same as eth0. So for iptables rules, you just use the eth0:1 IP address with eth0. this is the same way the 'ip' tool works too. Regards, Damion. ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Aliases and Multipath
Thanks guys for such quick response :) coool Well let me go deeper now with my routing issuess. My desirable topology is: LAN Linux Box eth0-- dsl router (dhcp) eth0:1 -- Frame Router ISP1 (fixed ip range) eth0:2 -- Frame Router ISP2 (fixed ip range) Then i would config: eth0according dhcp server aa.aa.aa.aa eth0:1 xx.xx.xx.xx eth0:2 yy.yy.yy.yy The idea is to balance the outgoing traffic through the three ISPs. One little trouble is dhcp renewal (it always tries to set the default gateway, anyone knows how to avoid that? i could find out from dhcp-client-leases and then configure myself at the right place at the right moment). According to the FAQ i need to guarantee first that any request from eth0 IPADDR goes to the right gateway and so on with eth0:1 and eth0:2 (that's reasonable). After that i would do the multipath config. The question goes now with the NAT stuff, how can i do the SNAT after balancing the traffic with the multipath routing? I can't do: iptables -t nat -A POSTROUTING -o eth0 -j SNAT aa.aa.aa.aa iptables -t nat -A POSTROUTING -o eth0:1 -j SNAT xx.xx.xx.xx iptables -t nat -A POSTROUTING -o eth0:2 -j SNAT yy.yy.yy.yy iptables just does not likes eth0:1 neither eth0:2, is this the right behaviour of iptables or what? i read something about NAT in advance routing engine but never used before and i'm little confuse on how it works. Will it crash with iptables NAT engine? Just to finish to build the router i need to do DNAT for my internal servers but that's trivial with iptables but anyway it would be great to know how to do it with a single tool (don't need to do firewalling in this machine so far, just routing and stateless nat, our should it be statefull? h need to think about). Heeey, does anyone knows if someone has translated the LARTC-FAQs to Spanish? I could do that :) I would like to contribute... Kind regards Guillermo -- Guillermo Gomez [EMAIL PROTECTED] neotech ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
