Trying to route via two default gateways
FedoraForum.org - Fedora Support Forums and Community
  1. #1
    Battery Powered Guest

    Trying to route via two default gateways

    Hello all,

    I have a Linux box with one LAN interface which is connected to two DSL routers (using two different ISPs).

    Setup:
    Linux box ethernet interface on 10.0.1.1 (255.255.0.0)
    RouterA on 10.0.1.254 (255.255.0.0), uses one ISP
    RouterB on 10.0.1.252 (255.255.0.0), uses another ISP

    Both of the DSL routers port forward 80/tcp and 22/tcp to 10.0.1.1.

    10.0.1.1 normally has its default gateway set to RouterA (10.0.1.254), but when testing is required via RouterB (10.0.1.252) I need to manually change the routing table to use it as the default gateway - what I would ideally like is for the box itself to re-route traffic via the correct gateway/router itself, depending on where the request originated from.

    The idea being if I then ssh to RouterA the data travels via RouterA (so the first ISP), but if I were to then ssh to RouterB the data travels via the second ISP.

    Hopefully I've made some sense : ) I'm trying to think of the best ways to accomplish this. I know iptables (running v1.2.10) has some fancy options for re-writing data on-the-fly (particularly noticed the --gw flag and SNAT/DNAT), or thought that adding another NIC and have eth0 data use a default gateway of RouterA and eth1 use a default gateway of RouterB, but not sure how I would go about trying to set that up either :/

    Does anyone have any suggestions or examples on how I could best achieve this?

    All the best,
    BP

  2. #2
    I've been trying to do something similar when switching between modem, ethernet and wireless without success. I just resort to ifup/ifdown'ing them in a particular order, or just setting the default route manually.

  3. #3
    df12 Guest
    Try putting the NIC connected to RouterA on a separate subnet from the NIC connected to RouterB.

  4. #4
    Battery Powered Guest
    Thanks for the replies!

    I was hoping to avoid using two NICs but will have to try this route it seems.

    Regards,
    BP

  5. #5
    df12 Guest
    It doesn't have to be a physical NIC. If you already have an alias NIC set up just put that on a separate...

  6. #6
    Battery Powered Guest
    Good suggestion

    How would the box know which route to use by default though? If a 'route add default gw 10.0.0.x' is entered would this not risk all traffic going to one of the routers?

    How would I go about setting this up? I'm thinking if I went about 'route add default gw 10.0.0.1 metric 5 && route add default gw 192.168.0.1 metric 10' the box would know how to route to both networks (so my initial goal being hopefully achieved) and would also know to use the lowest cost route for any other traffic, or am I way off?
    Last edited by Battery Powered; 13th May 2005 at 03:28 PM.

  7. #7
    df12 Guest
    I don't think you would even need to add any special routes.

    It's like this: say you have 2 physical NICs (eth0 and eth1) in your server, each one attached to a separate hub or switch. eth0 has the IP 192.168.0.1 with a netmask of 255.255.255.0 and eth1 has an IP of 192.168.1.1 with a netmask of 255.255.255.0. You also have 2 client machines, one connected to each switch. ClientA has an IP of 192.168.0.2 and ClientB has an IP of 192.168.1.2.

    With that setup when ClientA pings 192.168.0.1 the server will respond only on eth0, and if ClientB pings 192.168.1.1 the server will only respond on eth1. Default operation is to communicate on like subnets. It's only when the traffic crosses subnets that the gateway is utilized.

    So in your situation, RouterA and RouterB are analogous to ClientA and ClientB in the example, since traffic coming from RouterA will only be "heard" by the NIC (or alias NIC) on its subnet and likewise for RouterB.

  8. #8
    Battery Powered Guest
    Like what I'm hearing - that makes perfect sense/logic. Will have some time to test this over the weekend and will let you know how I get on.

    Thanks a lot for taking the time to reply : )

  9. #9
    Battery Powered Guest
    I couldn't wait so ssh'd in from work and tried this.

    RouterA: 10.0.1.254/255.255.255.0
    RouterB: 10.0.2.254/255.255.255.0

    Linuxbox;
    eth0 Link encap:Ethernet HWaddr 00:30:1B:B3:92:FF
    inet addr:10.0.1.1 Bcast:10.0.1.255 Mask:255.255.255.0
    eth0:0 Link encap:Ethernet HWaddr 00:30:1B:B3:92:FF
    inet addr:10.0.2.1 Bcast:10.255.255.255 Mask:255.255.255.0

    After this, I could communicate with both routers fine so things looked good - however I could still only SSH in on RouterA's WAN IP, not RouterB's.

    Tried issuing the following to force 10.0.1.0/24 to RouterA and 10.0.2.0/24 to RouterB:
    route add -net 10.0.1.0 netmask 255.255.255.0 gw 10.0.1.254 dev eth0
    route add -net 10.0.2.0 netmask 255.255.255.0 gw 10.0.2.254 dev eth0:0

    But this did not improve matters, still couldn't SSH in on RouterB's WAN IP.

    Routing table looks like this now:
    route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    10.0.1.0 10.0.1.254 255.255.255.0 UG 0 0 0 eth0
    10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
    10.0.2.0 10.0.2.254 255.255.255.0 UG 0 0 0 eth0
    10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
    127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
    0.0.0.0 10.0.1.254 0.0.0.0 UG 1 0 0 eth0

    So my entries are in place and it should in my logic work - but it doesn't :/

    (and yep I did update the port forwarding on RouterB to forward 22/tcp to the new (alias) IP of 10.0.2.1)

    Any ideas why this is failing?

    Regards,
    BP

  10. #10
    Battery Powered Guest
    I have tried adding two default gateways, just the RouterB being at a higher cost hoping that if it failed to route via RouterA it would try RouterB, like:

    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    10.0.1.0 10.0.1.254 255.255.255.0 UG 0 0 0 eth0
    10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
    10.0.2.0 10.0.2.254 255.255.255.0 UG 0 0 0 eth0
    10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
    127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
    0.0.0.0 10.0.1.254 0.0.0.0 UG 5 0 0 eth0
    0.0.0.0 10.0.2.254 0.0.0.0 UG 10 0 0 eth0

    but it didn't work either :/

  11. #11
    df12 Guest
    Try using tcpdump while you are attempting a connection through RouterB
    Code:
    tcpdump -n -i eth0
    Since we're only talking 1 physical device here you should be able to see all the traffic. What you are looking for is any traffic coming from RouterB to 10.0.2.254, and then from 10.0.2.254 to RouterB.

  12. #12
    Battery Powered Guest
    Because I'm connected via SSH at present I've limited the output to display just what's required, and nothing was captured.

    Tried both 'tcpdump -n -i eth0 |grep 10.0.2.1' and 'tcpdump -n -i eth0 |grep 10.0.2.254' and not a zip... so would it appear that the port forwarding at router level is failing? But because if I set the default gateway on the box to RouterB I can SSH in fine it would seem something else :/

  13. #13
    Battery Powered Guest
    I tried putting another NIC in the box, the setup looked as follows:
    Code:
    ifconfig [trimmed] ->
    eth0      Link encap:Ethernet  HWaddr 00:0F:3D:EB:61:E3
              inet addr:10.0.1.1  Bcast:10.0.1.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
    
    eth1      Link encap:Ethernet  HWaddr 00:30:1B:B3:92:FF
              inet addr:10.0.2.1  Bcast:10.0.2.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
    
    route -n ->
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    10.0.1.0        10.0.1.254      255.255.255.0   UG    0      0        0 eth0
    10.0.1.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
    10.0.2.0        10.0.2.254      255.255.255.0   UG    0      0        0 eth1
    10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 eth1
    127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
    0.0.0.0         10.0.1.254      0.0.0.0         UG    1      0        0 eth0
    And still no joy, even forcing traffic like 'traceroute google.co.uk -i eth1' via RouterB wouldn't work unless the machine's default gateway was RouterB.

    It's as if my 'route add -net 10.0.1.0 netmask 255.255.255.0 gw 10.0.1.254 dev eth0' commands are being disregarded altogether.

    Any further ideas?

  14. #14
    df12 Guest
    Traffic originating on the server will always take the default route, unless you have static routes assigned or the destination is the "local" subnet. So your traceroute to google will always go out the default route.

    But originally that wasn't the question you asked. You wanted traffic coming in RouterA to go back out RouterA and in RouterB out RouterB. Perhaps I misunderstood.

    Since you don't see anything on the tcpdump, it has to be a problem with the router itself. Since those NICs are directly connected to their respective router if there was ANY traffic coming out of either router you would see it. Basically there really isn't anything you can do on the server to somehow get the traffic routed the right way if the router isn't passing the traffic through. One other thing, it could be further upstream that your ssh are being dropped. Some providers do port filtering for security reasons.

    Are you trying to load balance these 2 connections? If so perhaps this thread will help.
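
The destination-only lookup described in post #14, as an added example that is not part of the original thread: it models the main table from post #10 and shows that a reply sourced from 10.0.2.1 to an off-link client still leaves via 10.0.1.254. It then goes beyond the thread by modelling a source-based rule as in Linux policy routing; `TABLE_B`, `RULES`, the `<B>` table id and the client address 203.0.113.7 are assumptions made for illustration.

```python
import ipaddress

# Constructed from the `route -n` output in post #10: connected subnets plus
# the two default routes. (network, gateway or None if on-link, metric, iface)
MAIN = [
    ("10.0.1.0/24", None, 0, "eth0"),
    ("10.0.2.0/24", None, 0, "eth0"),
    ("127.0.0.0/8", None, 0, "lo"),
    ("0.0.0.0/0", "10.0.1.254", 5, "eth0"),
    ("0.0.0.0/0", "10.0.2.254", 10, "eth0"),
]

# Hypothetical second table and source rule, modelling what
# `ip route add default via 10.0.2.254 table <B>` and
# `ip rule add from 10.0.2.0/24 table <B>` would express.
TABLE_B = [
    ("10.0.2.0/24", None, 0, "eth0"),
    ("0.0.0.0/0", "10.0.2.254", 0, "eth0"),
]
RULES = [("10.0.2.0/24", TABLE_B)]


def lookup(table, dst):
    """Destination-only lookup: longest prefix wins, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    matches = []
    for net, gw, metric, dev in table:
        network = ipaddress.ip_network(net)
        if addr in network:
            matches.append((network.prefixlen, -metric, gw or "on-link", dev))
    if not matches:
        return None  # no route in this table; caller falls through
    best = max(matches, key=lambda m: (m[0], m[1]))
    return best[2], best[3]


def route(src, dst, rules=()):
    """Pick next hop for a packet; source rules are consulted before MAIN."""
    for prefix, table in rules:
        if ipaddress.ip_address(src) in ipaddress.ip_network(prefix):
            hit = lookup(table, dst)
            if hit:
                return hit
    return lookup(MAIN, dst)


CLIENT = "203.0.113.7"  # constructed WAN client address (documentation range)
if __name__ == "__main__":
    print(route("10.0.2.1", CLIENT))         # reply to a RouterB connection, no rules
    print(route("10.0.2.1", CLIENT, RULES))  # same reply with the source rule
```

Without a source rule the metric-10 default route is never chosen while the metric-5 route exists, which matches the behaviour reported in posts #10 and #13.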

  15. #15
    Battery Powered Guest
    Many thanks for the update, I'm not trying to balance the data over both links - I am trying to have data originating from RouterA to be sent back out over RouterA and anything from RouterB sent back out over RouterB.

    When I got home tcpdump did report data getting through (I can only imagine there was an issue with me doing this remotely) - from what I could tell (I don't use tcpdump a lot) everything still appeared to be trying to go to whatever the machine's default gw was set to.

    I will provide information of what tcpdump captured this evening / tomorrow which hopefully someone may be able to translate better than me : )
