Re: multihomed linux box
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A long time ago, in a galaxy far, far way, someone said...
> hi.
>
> i have this setup on 2 machines
>
>
> Machine A
> \ eth0 ---> Switch --> Router A(65.xxx.xx.x.x) --> Internet
> \ eth1 --> Switch --> Router B (63.xx.x.x.x.x) --> Internet
>
> Machine B
> \ eth0 --> Switch --> Router A (65.xx.x.x.x.x) --> internet
> \ eth1 --> Switch --> Router B (63.xx.x.x.x) --> internet
>
> what i can't figure out is how to get it so if one route fails it will
> take the other.
Generally BGP is the way to do it. However, unless you have a /24- sized
address space assigned by ICANN or whoever does it these days people won't
even talk to you.
> i have routed installed but im not sure if it will do what i want.
I think it can but only if your routers send out RIP packets :) If they
don't, can't, or whatever then routed obviously won't work.
> what i have:
>
> /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw MY_GATEWAY metric 0
> /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw ALT_GATEWAY metric 1
>
>
> so i ssh to a machien it shows me comming from MY_GATEWAY's ip
> network. so i unplug the router, and try to ssh. nothing. try
> to ping using -i, nothing. once i remove the route to MY_GATEWAY
> i can ping/ssh again. each interface has a different IP address.
> its not really multihomed in the sense that to the outside world
> i have 1 ip address and it can be reached through either provider
> (2 different T1 providers) i just want failover route setup.
For incoming traffic (ie redundancy for a mail server) or outgoing
traffic?
If you want redundancy for outgoing traffic I would think your trick with
routes above would work. But they don't... unless you forgot a step.
Try setting "spoofprotect=no" in /etc/network/options, reboot, and try
again.
If *that* doesn't work, I'm sorry to say that you're out of luck :(
Anything else you can come up with is a pure hack and prone to failure.
Incoming traffic is much easier :) Install the iproute2 package and read
the Advanced Routing HOWTO, particularly the bit about policy routing.
[...]
> oh and im running debian 2.2r3/linux.2.2.19 on 1 machine
> and debian testing(a month or so old) with 2.2.19 on the
> other.
>
> maybe there is another 'routing daemon' that i could use?
GNU Zebra but it needs RIP (which you can't get) or BGP to work.
- --
- ----------------------------------------------------------------------
Phil Brutsche pbrutsch@tux.creighton.edu
GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Made with pgp4pine
iD8DBQE7SlID/ZTSZFDeHPwRAhhIAJsGjgYPTe8tuh4Ljlwrsx5/sJFBkwCeILn1
zIE07nEMKIHBZ5/KuvdjBPA=
=Btfd
-----END PGP SIGNATURE-----
Reply to: