Re: Failover route

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/16/19 11:57 AM, Erik Auerswald wrote:
Hi,

Hi,

If you have an xDSL modem such that the next-hop IP address is on the ISP side, using ping to probe reachability of the next-hop should just work.

I want to agree with you. Though I have disqualified ping (ICMP) as a reliable test in the past for a reason that I can't recall at the moment. I do know that I've run into ISPs that filter ICMP or do other nasty things with it, rendering it unreliable.

I think that BFD-EM would avoid some of thee ICMP scheenanigans that I've seen before. The /only/ thing that the upstream router needs to do is route a packet. Conversely, the upstream would need to respond ICMP itself and not be filtered.

There's also a chance that the router might respond to ICMP but not actually forward packets. Possibly during maintenance.

You could look into using the -r and -I options of ping (from iputils as packaged by Debian, in my case).

Good to know.

If you want to check to some specific IPs or hosts behind one ISP, you can use static host routes (that are not withdrawn via any daemon and stay up even when the interface status goes down) pointing out the specific interface to check. Of course, those IPs should not provide other useful service, or you risk blackholing them on connection failures.

Yep. Hence my previous comments about monitoring SYN / ACK and / or ICMP echo request / echo reply associations.

I'd say that is more of a tradition. Routing daemons are often written to mimic Cisco IOS behaviour, and there static routes towards an IP that is not reachable (except for a possible default route) are removed from the RIB and FIB. This is not a requirement for a routing daemon, and e.g. Cisco IOS allows overriding this default behaviour.

ACK

IIRC the Linux kernel does not remove those routes itself.

I've had the kernel remove routes when an interface id brought down. I don't recall off hand if it did so on link loss (up / down condition).

Thanks,

You're welcome.

Thank you.



--
Grant. . . .
unix || die

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux