Re: multihomed linux box - dual t1
hi ya...
think theres lot's of folks with dual t1...
for outgoing traffic... think the routing and metrics might work..
for incoming traffic... we'd need all kidns of whacky work arounds
or an autonmous ip# routable by either isp...
- who's writing this howto ???
-- UUnet also has a backup "dark t1" that they provide ...for a minimal
fee ... so that even if the primary t1 goes dow... you have a backup
and the world does not know about your fiber being cut by the
bozo and his backhoe down the street
- not sure if the same ISP can be up if their other wire went
down... ( or router or hubb or 110v power etc )
- pacbell ( SF bay area ) had a major fiber ring outage about a month
ago.... where the main fiber was cut late one afternoon ...
c ya
alvin
On Mon, 9 Jul 2001, Alvin Oga wrote:
>
> hi ya aphro/phil
>
> this same almost exact same concept just went thru the firewall
> mailing list....
> - same conclusions...
>
> their ideas is to let the routers do the NATing
> and "Load balance the external routes using EIGRP or OSPF"
>
> search the firewall archives for:
>
> http://lists.gnac.net/firewalls/archive.html
> ....
> "Date: Tue, 10 Jul 2001 09:59:08 +1000"
> "Cc: "'firewalls@pluto.gnac.com'" <firewalls@pluto.gnac.com>"
> "Subject: RE: Multi-homed Internet connection"
> ....
>
> oh well
> alvin
>
> i guess i'm stubborn... i dont see why a laptop can
> make a connection via ppp and/or eth0 if in the office...
> with the same fixed routing table...
> - the laptop connects thru either one...( the one that works ? )
>
> in this case...we have 2 T1 wires...should be similar network issue...
> but its not....
>
>
> On Mon, 9 Jul 2001, Phil Brutsche wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > A long time ago, in a galaxy far, far way, someone said...
> >
> > > hi.
> > >
> > > i have this setup on 2 machines
> > >
> > >
> > > Machine A
> > > \ eth0 ---> Switch --> Router A(65.xxx.xx.x.x) --> Internet
> > > \ eth1 --> Switch --> Router B (63.xx.x.x.x.x) --> Internet
> > >
> > > Machine B
> > > \ eth0 --> Switch --> Router A (65.xx.x.x.x.x) --> internet
> > > \ eth1 --> Switch --> Router B (63.xx.x.x.x) --> internet
> > >
> > > what i can't figure out is how to get it so if one route fails it will
> > > take the other.
> >
> > Generally BGP is the way to do it. However, unless you have a /24- sized
> > address space assigned by ICANN or whoever does it these days people won't
> > even talk to you.
> >
> > > i have routed installed but im not sure if it will do what i want.
> >
> > I think it can but only if your routers send out RIP packets :) If they
> > don't, can't, or whatever then routed obviously won't work.
> >
> > > what i have:
> > >
> > > /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw MY_GATEWAY metric 0
> > > /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw ALT_GATEWAY metric 1
> > >
> > >
> > > so i ssh to a machien it shows me comming from MY_GATEWAY's ip
> > > network. so i unplug the router, and try to ssh. nothing. try
> > > to ping using -i, nothing. once i remove the route to MY_GATEWAY
> > > i can ping/ssh again. each interface has a different IP address.
> > > its not really multihomed in the sense that to the outside world
> > > i have 1 ip address and it can be reached through either provider
> > > (2 different T1 providers) i just want failover route setup.
> >
> > For incoming traffic (ie redundancy for a mail server) or outgoing
> > traffic?
> >
> > If you want redundancy for outgoing traffic I would think your trick with
> > routes above would work. But they don't... unless you forgot a step.
> > Try setting "spoofprotect=no" in /etc/network/options, reboot, and try
> > again.
> >
> > If *that* doesn't work, I'm sorry to say that you're out of luck :(
> > Anything else you can come up with is a pure hack and prone to failure.
> >
> > Incoming traffic is much easier :) Install the iproute2 package and read
> > the Advanced Routing HOWTO, particularly the bit about policy routing.
> >
> > [...]
> >
> > > oh and im running debian 2.2r3/linux.2.2.19 on 1 machine
> > > and debian testing(a month or so old) with 2.2.19 on the
> > > other.
> > >
> > > maybe there is another 'routing daemon' that i could use?
> >
> > GNU Zebra but it needs RIP (which you can't get) or BGP to work.
> >
> > - --
> > - ----------------------------------------------------------------------
> > Phil Brutsche pbrutsch@tux.creighton.edu
> >
> > GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC
> > GPG key id: 50DE1CFC
> > GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.0.6 (GNU/Linux)
> > Comment: Made with pgp4pine
> >
> > iD8DBQE7SlID/ZTSZFDeHPwRAhhIAJsGjgYPTe8tuh4Ljlwrsx5/sJFBkwCeILn1
> > zIE07nEMKIHBZ5/KuvdjBPA=
> > =Btfd
> > -----END PGP SIGNATURE-----
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> >
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: