Multipath problems

Linux Advanced Routing and Traffic Control


Hi all, I'm getting a lot of problems with a multihomed Linux router.

I have 3 lines connected to my Linux box, with a 2.6.1 kernel with DgD patches, 
and I have set it up so that it does load balancing between the 3 lines, but I 
have a problem with sending specific traffic (the mail one) through only one of 
the lines. Let me put my config below ...

------- Multiroute.sh ---------
#!/bin/bash

# CONFIGURATION
IP=/sbin/ip
PING=/bin/ping

#--------------- LINK PART -----------------
# EXTIFn - interface name
# EXTIPn - outgoing IP
# EXTMn  - netmask length (bits)
# EXTGWn - outgoing gateway
#-------------------------------------------

# LINK 1 ADSL ISP1
EXTIF1=eth1
EXTIP1=aaa.bbb.ccc.ddd
EXTM1=30
EXTGW1=aaa.bbb.ccc.eee

# LINK 2 ADSL ISP2
EXTIF2=eth1
EXTIP2=bbb.ccc.ddd.eee
EXTM2=26
EXTGW2=bbb.ccc.ddd.fff

# LINK 3 Cable ISP3
EXTIF3=eth1
EXTIP3=ccc.ddd.eee.fff
EXTM3=30
EXTGW3=ccc.ddd.eee.ggg

#ROUTING PART
# removing old rules and routes

echo "removing old rules"
${IP} rule del prio 50 table main
${IP} rule del prio 201 from ${EXTIP1}/${EXTM1} table 201
${IP} rule del prio 202 from ${EXTIP2}/${EXTM2} table 202
${IP} rule del prio 203 from ${EXTIP3}/${EXTM3} table 203
${IP} rule del prio 221 table 221
echo "flushing tables"
${IP} route flush table 201
${IP} route flush table 202
${IP} route flush table 203
${IP} route flush table 221
echo "removing tables"
${IP} route del table 201
${IP} route del table 202
${IP} route del table 203
${IP} route del table 221

# setting new rules
echo "Setting new routing rules"

# main table w/o default gateway here
${IP} rule add prio 50 table main
${IP} route del default table main

# identified routes here
${IP} rule add prio 201 from ${EXTIP1}/${EXTM1} table 201
${IP} rule add prio 202 from ${EXTIP2}/${EXTM2} table 202
${IP} rule add prio 203 from ${EXTIP3}/${EXTM3} table 203

${IP} route add default via ${EXTGW1} dev ${EXTIF1} src ${EXTIP1} proto static table 201
${IP} route append prohibit default table 201 metric 1 proto static

${IP} route add default via ${EXTGW2} dev ${EXTIF2} src ${EXTIP2} proto static table 202
${IP} route append prohibit default table 202 metric 1 proto static

${IP} route add default via ${EXTGW3} dev ${EXTIF3} src ${EXTIP3} proto static table 203
${IP} route append prohibit default table 203 metric 1 proto static

# multipath
${IP} rule add prio 221 table 221

${IP} route add default table 221 proto static \
        nexthop via ${EXTGW3} dev ${EXTIF3} weight 1 \
        nexthop via ${EXTGW2} dev ${EXTIF2} weight 100 \
        nexthop via ${EXTGW1} dev ${EXTIF1} weight 200

# Multipath for email traffic.
${IP} route add default table mail.traffic proto static \
        nexthop via ${EXTGW1} dev ${EXTIF1} weight 1 \
        nexthop via ${EXTGW2} dev ${EXTIF2} weight 250 \
        nexthop via ${EXTGW3} dev ${EXTIF3} weight 100
${IP} rule add prio 230 fwmark 0x02 table mail.traffic

${IP} route flush cache

--------- Multiroute.sh ------------

Then I mark the packets coming from the LAN and going to internet mail 
servers ...

iptables -A PREROUTING -t mangle -s ${LAN}/${LAN_MASK} -d ! ${DMZ1}/${DMZ1_MASK} -p tcp --dport 25 -j MARK --set-mark 0x02
iptables -A PREROUTING -t mangle -s ${LAN}/${LAN_MASK} -d ! ${DMZ1}/${DMZ1_MASK} -p tcp --dport 110 -j MARK --set-mark 0x02

The idea is that mail traffic going to the internet always tries to go out by 
ISP1, but if it fails (that is why the weights are so different) by ISP2, and if 
that one fails too, tries to go out by ISP3, but in the real scenario mail 
traffic is going out by a random provider :( ... for the rest of the traffic the 
priorities should be reversed ... first ISP3, then ISP2 and finally ISP1, and 
that part is running more or less ... sometimes one connection goes out by ISP2 
but that's not a big problem ...

Am I doing something wrong? Why is my mail.traffic table not working as it is 
supposed to?

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
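
An added example, not part of the original post: in a multipath route the `weight` values are load-sharing ratios between nexthops, not a failover order. The sketch below computes the expected share per nexthop for the weights posted for table mail.traffic and prints (without running them) metric-ordered default routes as one alternative. The function names, the metric values and the gateway addresses are assumptions, and failover between metrics assumes the kernel or a monitoring script withdraws a route whose gateway is dead.

```shell
#!/bin/sh
# Added example, not the poster's script. Gateways are constructed
# documentation addresses standing in for EXTGW1..EXTGW3.

# nexthop_shares "gw:weight" ...  -> prints "gw percent" per nexthop.
# Each nexthop receives weight/sum(weights) of the balanced traffic.
nexthop_shares() {
    total=0
    for nh in "$@"; do
        total=$((total + ${nh##*:}))
    done
    for nh in "$@"; do
        gw=${nh%%:*}
        w=${nh##*:}
        tenths=$((w * 1000 / total))   # tenths of a percent, rounded down
        echo "$gw $((tenths / 10)).$((tenths % 10))%"
    done
}

# failover_routes TABLE DEV GW...  -> prints one default route per gateway.
# Argument order is preference order: the lowest metric wins while its
# route is present (assumption: something removes it when the link dies).
failover_routes() {
    table=$1; dev=$2; shift 2
    metric=10
    for gw in "$@"; do
        echo "ip route add default via $gw dev $dev table $table metric $metric proto static"
        metric=$((metric + 10))
    done
}

# Weights as posted for mail.traffic: ISP1=1, ISP2=250, ISP3=100
nexthop_shares 192.0.2.1:1 198.51.100.1:250 203.0.113.1:100
# Preference order described in the post: ISP1, then ISP2, then ISP3
failover_routes mail.traffic eth1 192.0.2.1 198.51.100.1 203.0.113.1
```

With the posted weights the first function reports roughly 0.2% for ISP1, 71.2% for ISP2 and 28.4% for ISP3.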
