Re: multihomed linux box

To: <aphro@portal.aphroland.org>
Cc: <debian-user@lists.debian.org>
Subject: Re: multihomed linux box
From: Phil Brutsche <pbrutsch@tux.creighton.edu>
Date: Mon, 9 Jul 2001 19:52:58 -0500 (CDT)
Message-id: <[🔎] Pine.LNX.4.33.0107091936550.25466-100000@tux.creighton.edu>
In-reply-to: <[🔎] 1352.65.113.243.226.994724692.squirrel@webmail.aphroland.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A long time ago, in a galaxy far, far way, someone said...

> hi.
>
> i have this setup on 2 machines
>
>
> Machine A
> \ eth0 ---> Switch --> Router A(65.xxx.xx.x.x) --> Internet
> \ eth1 --> Switch --> Router B (63.xx.x.x.x.x) --> Internet
>
> Machine B
> \ eth0 --> Switch --> Router A (65.xx.x.x.x.x) --> internet
> \ eth1 --> Switch --> Router B (63.xx.x.x.x) --> internet
>
> what i can't figure out is how to get it so if one route fails it will
> take the other.

Generally BGP is the way to do it.  However, unless you have a /24- sized
address space assigned by ICANN or whoever does it these days people won't
even talk to you.

> i have routed installed but im not sure if it will do what i want.

I think it can but only if your routers send out RIP packets :)  If they
don't, can't, or whatever then routed obviously won't work.

> what i have:
>
> /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw MY_GATEWAY metric 0
> /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw ALT_GATEWAY metric 1
>
>
> so i ssh to a machien it shows me comming from MY_GATEWAY's ip
> network. so i unplug the router, and try to ssh. nothing. try
> to ping using -i, nothing. once i remove the route to MY_GATEWAY
> i can ping/ssh again.  each interface has a different IP address.
> its not really multihomed in the sense that to the outside world
> i have 1 ip address and it can be reached through either provider
> (2 different T1 providers) i just want failover route setup.

For incoming traffic (ie redundancy for a mail server) or outgoing
traffic?

If you want redundancy for outgoing traffic I would think your trick with
routes above would work.  But they don't... unless you forgot a step.
Try setting "spoofprotect=no" in /etc/network/options, reboot, and try
again.

If *that* doesn't work, I'm sorry to say that you're out of luck :(
Anything else you can come up with is a pure hack and prone to failure.

Incoming traffic is much easier :)  Install the iproute2 package and read
the Advanced Routing HOWTO, particularly the bit about policy routing.

[...]

> oh and im running debian 2.2r3/linux.2.2.19 on 1 machine
> and debian testing(a month or so old) with 2.2.19 on the
> other.
>
> maybe there is another 'routing daemon' that i could use?

GNU Zebra but it needs RIP (which you can't get) or BGP to work.

- -- 
- ----------------------------------------------------------------------
Phil Brutsche				    pbrutsch@tux.creighton.edu

GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D  7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Made with pgp4pine

iD8DBQE7SlID/ZTSZFDeHPwRAhhIAJsGjgYPTe8tuh4Ljlwrsx5/sJFBkwCeILn1
zIE07nEMKIHBZ5/KuvdjBPA=
=Btfd
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: multihomed linux box
  - From: Alvin Oga <aoga@Mail.Linux-Consulting.com>
- Re: multihomed linux box
  - From: aphro@portal.aphroland.org

References:
- multihomed linux box
  - From: aphro@portal.aphroland.org

Prev by Date: Re: where did my ps and top go?
Next by Date: Re: Installing device drivers
Previous by thread: multihomed linux box
Next by thread: Re: multihomed linux box
Index(es):
- Date
- Thread