Multiple routes.

Status
Not open for further replies.

ashanderson

Technical User
Feb 5, 2001
Our company has decided to employ a DSL line as a redundant/fault tolerant link to go with our T1 line. We have decided to use Linux as our router and we are using SuSE 7.2 Pro.

What we want to do is have the Linux Router sit between our T1 router and VPN box with the DSL line interfacing directly with it. So there would be 3 networks. Ideally we would have VPN (business critical) traffic from the LAN route down the T1 line, and all HTTP and HTTPS traffic route down the slower DSL line. In the event of the T1 line failing (or DSL line) all traffic should automatically be routed down the remaining link.

So effectively we end up with 2 routes to the Internet from our LAN.

However, I have struggled to get multiple routes working in testing: I have a Linux router configured with three interfaces (NICs):
A. 192.168.1.220/24 connected to PC1 192.168.1.240/24
B. 192.168.1.230/24 connected to the LAN 192.168.1.0/24
C. 10.100.100.1/24 connected to PC2 10.100.100.10/24

The default gateway on the LAN points to the LAN router.

- From the router I can PING the LAN (any PC/device), both PCs and reach the Internet.
- From PC1 I can PING the router's three interfaces, any PC on the LAN and PC2 plus reach the Internet.
- From PC2 I can PING the router's three interfaces and PC1 BUT I cannot ping anything on the LAN or reach the Internet

This is the problem I have to resolve. I realize that my success with PC1 may be because it is on the same logical subnet (although not the same physical network).

I have IP Forwarding switched on in the kernel but this hasn't helped. I have tried to set up a separate lookup table for 10.100.100.0 using IP ROUTE and then setting static routes to the LAN network in that table - without success.

So, what is the best way of creating multiple routes so any PC on any network can reach any other network attached to the router? Can this be done? Do I need to use IP Masquerading or NAT? I've read about IPTables and Netfilter but don't know where to start...

Once I have figured this out I'll look into the packet shaping abilities of Linux.

Any advice = much appreciation. thanks.
 
man route to see how to set up gateways to other nets.

say 10.x.x.x range is eth3
route add -net 192.168.1.0 192.168.1.230 eth3

If there are problems I would tshoot:
ifconfig eth3:0 192.168.1.251 up
ping -c3 -I 192.168.1.251 192.168.1.255
Then watch the returns.
You could also look into RIP via zebra - I have had very good luck with this package from SuSE.

This is in a hurry, please check man route: there are some good examples.

Just a note:
this is a semi-complex situation: maybe dynamic routing would be better in the long term.
 
Hi,

Just a quick one for the time being...

I'd guess that the route to 192.168.1.0/24 on the router is pointing to the wrong interface, i.e. 'A' instead of 'B' (LAN). This might be expected if you have two interfaces in a box with the same subnet.

Try:

/sbin/route del -net 192.168.1.0 netmask 255.255.255.0
/sbin/route add -host 192.168.1.240 netmask 255.255.255.255 eth0   # eth0 is your 'A' interface
/sbin/route add -net 192.168.1.0 netmask 255.255.255.0 eth1   # eth1 is your 'B' interface

More later maybe...

Rgds

 
ashanderson,
I had some time and messed with this problem using subinterfaces (aliases) and had some problems.
Finally I ran routed -t and then called route to see what I had been missing.
Everything was good except the reverse routes!!!!
This means that if a packet from int eth3 gets sent to the gw for the 192.168.1.0 network it needs to be able to find its way back. That was my only hang-up.
So this should work -
static:
route add -net 10.100.100.0 netmask 255.255.255.0 gw 10.100.100.1
route add -host 192.168.1.240 netmask 255.255.255.255 gw 192.168.1.220
route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.230

Also:
routed is usually not that great but in this situation it worked very well. SuSE ships with it, so if it is not installed you can install it. To start it just type routed; to start it on boot uncomment the line in rc.config for routed or use YaST and alter the line in system configuration (same thing).

Bye
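
Added example, not part of any post in this thread: a small Python model of the route lookups discussed above, showing why two interfaces on 192.168.1.0/24 need the host route and why PC2 also depends on a reverse route on the LAN side. Assumptions: eth0/eth1/eth2 stand for interfaces A/B/C, the LAN host 192.168.1.50 and the LAN default gateway 192.168.1.1 are constructed values, and ties between equal prefixes go to the earlier entry as a simplification of the kernel's choice.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match; on equal prefix length the earlier entry wins
    (simplified model). Returns (device, gateway) or None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, dev, gw in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev, gw)
    return None if best is None else (best[1], best[2])

# Router as first tested: A (eth0) and B (eth1) both claim 192.168.1.0/24.
ROUTER_BEFORE = [
    ("192.168.1.0/24", "eth0", None),    # A, PC1 segment
    ("192.168.1.0/24", "eth1", None),    # B, LAN
    ("10.100.100.0/24", "eth2", None),   # C, PC2 segment
]
# Router after the del/add sequence suggested in the thread.
ROUTER_AFTER = [
    ("192.168.1.240/32", "eth0", None),  # host route: only PC1 is behind A
    ("192.168.1.0/24", "eth1", None),
    ("10.100.100.0/24", "eth2", None),
]
# A LAN host whose default gateway is some other router (constructed address).
LAN_HOST = [
    ("192.168.1.0/24", "eth0", None),
    ("0.0.0.0/0", "eth0", "192.168.1.1"),
]
# The same host with a reverse route to PC2's network via router interface B.
LAN_HOST_FIXED = [("10.100.100.0/24", "eth0", "192.168.1.230")] + LAN_HOST

def round_trip(router, lan_host, lan_ip="192.168.1.50", pc2_ip="10.100.100.10"):
    """True if PC2 -> LAN leaves the router on eth1 and the reply comes back
    through the router's LAN address 192.168.1.230."""
    fwd = lookup(router, lan_ip)
    back = lookup(lan_host, pc2_ip)
    return fwd == ("eth1", None) and back == ("eth0", "192.168.1.230")

if __name__ == "__main__":
    cases = [("as tested", ROUTER_BEFORE, LAN_HOST),
             ("router fixed only", ROUTER_AFTER, LAN_HOST),
             ("router + reverse route", ROUTER_AFTER, LAN_HOST_FIXED)]
    for name, router, host in cases:
        print(f"{name:24} fwd={lookup(router, '192.168.1.50')} "
              f"back={lookup(host, '10.100.100.10')} ok={round_trip(router, host)}")
```

In the middle case the forward path is correct but the reply is handed to the LAN's default gateway, which matches the symptom of PC2 reaching the router's interfaces but nothing on the LAN.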
 