Problems balancing two uplink providers

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

	Hi all,

	I have implemented a solution with a machine balancing the network load
between two DSL providers as is explained in the LARTC Howto. It is
apparently working correctly, but i have some problems.

The problem is basically that some packets go out by each ADSL interface
with the source address of the other ADSL interface. I think that the
routing based on source address isn't working.

Here are configuration data:

eth0: ADSL provider 1
eth1: ADSL provider 2
eth2: Private network

IP eth0: 80.27.46.168/26
IP eth1: 217.12.112.190/30
IP eth2: 192.168.239.15/24

Routing rules:

ip route add 80.27.46.128 dev eth0 src 80.27.46.168 table T1
ip route add default via 80.27.46.129 table T1
ip route add 80.27.46.128 dev eth0 src 80.27.46.168

ip route add 217.12.112.188 dev eth1 src 217.12.112.190 table T2
ip route add default via 217.12.112.189 table T2
ip route add 217.12.112.188 dev eth1 src 217.12.112.190

ip route add default scope global nexthop via 80.27.46.129 dev eth0 w
eight 1 nexthop via 217.12.112.189 dev eth1 weight 1

ip rule add from 80.27.46.168 table T1
ip rule add from 217.12.112.190 table T2

NAT rules:

iptables -t nat -A POSTROUTING -o eth0 -s 192.168.239.0/24 -j SNAT --to-source 80.27.46.168
iptables -t nat -A POSTROUTING -o eth1 -s 192.168.239.0/24 -j SNAT --to-source 217.12.112.190

The problem is:

router:~# tcpdump -i eth1 host 80.27.46.168 -n
tcpdump: listening on eth1
00:31:55.880169 80.27.46.168.4889 > 81.35.21.64.4662: . ack 2580075548 win 17280 (DF)
00:31:55.886844 80.27.46.168.3587 > 150.217.68.78.8080: . ack 1084550836 win 15260 (DF)
[...]

router:~# tcpdump -i eth0 -n host 217.12.112.190
tcpdump: listening on eth0
00:35:07.116006 217.12.112.190.2799 > 81.9.161.217.4662: . ack 4081941596 win 17139 (DF)
00:35:07.258220 217.12.112.190.2917 > 68.162.131.254.4662: . ack 1208711693 win 16265 (DF)

Please, some idea? I don't find where is the mistake.

Thanks in advance.

Regards.
-- 
Diego Chaparro González. 
Grupo de Sistemas y Comunicaciones.
Universidad Rey Juan Carlos.
C/ Tulipan s/n - 28933 Móstoles (Spain)
dchaparro@xxxxxxxxxxxxxxxxxx

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux