zuzu on 30 Oct 2007 20:55:18 -0000
On 10/30/07, zuzu <sean.zuzu@gmail.com> wrote:
>
> I think this also falls under "trunking" and "link aggregation". my
> investigation into this has been more about merging the bandwidth of
> two upstream providers (ISP) without requiring anything on their end,
> using a Linux server. e.g. a friend of mine worked in India for a few
> years and the ISP service there was relatively slow but inexpensively
> priced, so he had to combine several ISP accounts into what looked
> inside his LAN as a single fat pipe. or, I know that Verizon's
> current pricing scheme of $45 for 15/2 but $180 for 30/5 means that
> for the same $180 you could aggregate 4 15/2 lines for 60/8 Mbps
> total.

or if you're aggregating diverse services, such as fibre, cable, and
DSL, you provide redundancy against single-source failure.

hardware-wise, if you're looking for something mini-ITX sized and you
only have one PCI slot, the Sun X1034A 4-port 10/100 NIC is available
on ebay for ~$20 or less.

> the way to achieve this with a solid Linux router seems to be with
> Iproute2. (I've often thought that a dedicated embedded Linux device
> to do this one task but do it so well that it "just works" ala DD-WRT
> would be a very marketable device for about $200.)
>
> HTH.
>
> http://www.linux-foundation.org/en/Net:Iproute2
> http://www.policyrouting.org/iproute2.doc.html
> http://www.linux-foundation.org/en/Net:Iproute2_examples
> http://ornellas.apanela.com/dokuwiki/pub:firewall_and_adv_routing
> http://lartc.org/howto/lartc.rpdb.multiple-links.html

http://gentoo-wiki.com/TIP_Dual-Homed_Gentoo_Server

Situation

For one reason or another, you have internet connections from 2
different providers, or 2 connections from a single provider but with
different gateways, coming in to a single machine. An example would be
when you have a primary IP which is part of a trusted network range for
NFS, etc. without an internal LAN, but would like to run a secondary
DNS server on a separate IP range.

Kernel Support

You need to have a couple of kernel options enabled:

* CONFIG_IP_ADVANCED_ROUTER (Networking/IP: Advanced Router) and
* CONFIG_IP_MULTIPLE_TABLES (Networking/IP: policy routing)

These enable filtering based on the source address, as opposed to being
restricted to only the destination address (default). Verify they are
enabled in your kernel:

      $ grep -e CONFIG_IP_ADVANCED_ROUTER -e CONFIG_IP_MULTIPLE_TABLES /usr/src/linux/.config
      CONFIG_IP_ADVANCED_ROUTER=y
      CONFIG_IP_MULTIPLE_TABLES=y

To enable the above 2 items in the kernel, run make menuconfig in the
/usr/src/linux directory. Navigate to Networking --> Networking options
and change "IP: Advanced router" and "IP: policy routing" to [*]. Save
your changes and run make && make modules_install. Double check the
items are enabled by running the grep command above again.

Software Support

You will need to emerge iproute2. ifconfig cannot handle multiple
routing tables, nor can it handle a number of other things that
iproute2 can, so using iproute2 instead is a good idea anyway.

Configuration

* edit /etc/iproute2/rt_tables and add the following line. You may call
  the table anything you like; I chose dns for this example as that was
  the purpose of the secondary IP:

      100 dns

* edit /etc/conf.d/local.start and add the following line.
  This is necessary because Gentoo's net init scripts do not yet support
  ip rules (AFAIK) (you can use the "postup" function, see
  /etc/conf.d/net.example):

      ip rule add from <secondary ip> table dns

* edit /etc/conf.d/net so it looks like this:

      modules=( "iproute2" )
      config_eth0=( "<primary ip>/<nm> brd <primary broadcast>" )
      config_eth1=( "<secondary ip>/<nm> brd <secondary broadcast>" )
      routes_eth0=( "default via <primary gateway>" )
      routes_eth1=(
          "127.0.0.0/8 dev lo table dns"
          "default via <secondary gateway> table dns"
      )

  For example "<primary ip>/<nm> brd <primary broadcast>" should look
  like:

      123.124.125.3/24 brd 123.124.125.255

Notes

* You can do this all on one interface, like so:

      modules=( "iproute2" )
      config_eth0=(
          "<primary ip>/<nm> broadcast <primary broadcast>"
          "<secondary ip>/<nm> broadcast <secondary broadcast>"
      )
      routes_eth0=(
          "default via <primary gateway>"
          "127.0.0.0/8 dev lo table dns"
          "default via <secondary gateway> table dns"
      )

* You will also want to add any other routes for internal LANs, etc. to
  the dns table, i.e. like so:

      routes_eth3=( "10.0.0.0/8 table mx" )

Credit and Links

This article was originally written by Casey Allen Shobe for
SeattleServer.com, based on information from the Linux Advanced Routing
and Traffic Control HOWTO, simplified and tailored to Gentoo.

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
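
Added example, not part of the original post or the wiki article it quotes: a shell helper that prints the plain iproute2 commands corresponding to the routes_eth1 and "ip rule" settings above, so the source-based rule can be reviewed before it is applied. The function names, the input checks and the sample addresses (RFC 5737 documentation range) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints the iproute2 commands matching the routes_eth1
# and "ip rule" settings quoted above. Sample values are constructed.

# is_ipv4 ADDR: succeeds only for a dotted quad with octets 0-255.
is_ipv4() {
    case $1 in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# policy_route_cmds ID NAME SRC_IP GATEWAY DEV (hypothetical helper)
# Emits one command per line; review the output, then run it as root.
policy_route_cmds() {
    [ "$#" -eq 5 ] || { echo "usage: policy_route_cmds ID NAME SRC GW DEV" >&2; return 2; }
    id=$1 name=$2 src=$3 gw=$4 dev=$5
    # Table ids 0 and 253-255 are reserved (unspec, default, main, local).
    case $id in ''|*[!0-9]*|????*) return 1 ;; esac
    [ "$id" -ge 1 ] && [ "$id" -le 252 ] || return 1
    # These words reach a root shell, so refuse shell metacharacters.
    for word in "$name" "$dev"; do
        case $word in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    done
    is_ipv4 "$src" && is_ipv4 "$gw" || return 1
    printf '%s\n' \
        "echo '$id $name' >> /etc/iproute2/rt_tables" \
        "ip route add 127.0.0.0/8 dev lo table $name" \
        "ip route add default via $gw dev $dev table $name" \
        "ip rule add from $src table $name" \
        "ip rule show" \
        "ip route show table $name"
}

# Constructed values from the RFC 5737 documentation range.
policy_route_cmds 100 dns 192.0.2.10 192.0.2.1 eth1
```

The last two emitted commands only list the rule set and the contents of the new table, which is a quick way to confirm the secondary address really has its own default route.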