Re: Multiple default routes on multihome host


On Feb 21, 2008, at 9:51 PM, Wes Peters wrote:

As much as anything I just object to the semantic dissonance in "multiple" "default". Think about it.

I still haven't decided what it means at the packet level to have multiple default routes. Does that mean that, not having found a "better" route, I send the packets out both routes? Choose between them? Doesn't that tend to flap packets in a TCP "connection" back and forth? Does my router have to remember which route it chose for a TCP connection and reuse that one?

I know people want to be able to plug in a pair of itty bitty routers and just have their computers be smart enough to use the "best" one, but it's not clear the implementations they are pushing us towards -- Linux and Windows -- actually accomplish that. In fact, what they usually do is screw it up badly and the people only THINK they're getting any enhanced reliability.


I know I'm not who you were asking, but I can give you an example of where we've used this successfully.

Our branch office has a T1 to our main office. The branch office has a /26 of public IPs routed over the T1. The T1 has extremely low latency, and plenty of bandwidth for the business side of things. The problem is that it didn't have enough bandwidth to handle a bunch of people watching videos on YouTube, downloading OS updates and everything else. I played with QoS and traffic shaping, but the solution for us was more bandwidth. Adding additional T1s was impossible, but we could get a very fast business DSL line to the office. They obviously wouldn't run BGP with us over it, so some trickery was required to make use of both connections at once.

On our firewall/router box at the branch office, we've got 3 ethernet interfaces. em0 goes to our LAN(1.2.3.4/26). em1 goes to the T1 router. em2 goes to the DSL line(5.6.7.8/24).

The system's default route is through em1 to the T1. I want to send some traffic over the DSL line, em2. This is complicated by the fact that the DSL provider has only given us one IP and won't route our corporate IPs. So, I started up a natd instance:

natd -interface em2 -same_ports -dynamic

Now, with ipfw I can select which traffic goes through the DSL line:

ipfw add 100 divert 8668 ip from 1.2.3.0/26 to any 80 # Send all HTTP traffic through natd, which will go through the DSL line

Next, I need to force all traffic sourced on the DSL line's IP to actually go out the DSL interface. Without this, the kernel tries sending packets sourced with the DSL line's IP over the T1.

ipfw add 200 fwd $dsl_line_gateway ip from 5.6.7.8 to not 1.2.3.0/26 # If it's not trying to talk to a local IP, force it to go down the DSL line if it's using the DSL source IP.


Now, like magic, web traffic goes over the DSL line. Everything else goes over the T1. In reality the configuration is much more complex, but it's easy enough with ipfw rules to specify what I want to go down the DSL line (divert it) and what I want to go down the T1.

If I didn't have to deal with the lack of routing cooperation from our DSL provider, I could skip the natd step completely and just fwd traffic as appropriate.


This isn't truly multiple default routes, but it's as close as I can get. As-is it adds no redundancy at all, but it was very easy to script something up that checked the liveliness of both interfaces and completely redirect everything to go down one or the other if one goes down.

Make sense?

-- Kevin

_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: (OT?) Anyone wanna address my ISPs issues? [CIDR/BGP question]
    ... The DSL modem's outside IP is n.n.n.70, ... shouldn't it be 'announced', if the ISP intends ... The .70 --> .69 route on the ... modem has a metric of "5", but with the .252 mask, shouldn't it ...
    (freebsd-questions)
  • Point-to-Point links - route IP Block with DSL
    ... I've been given a /29 ip block from my ISP for use over DSL. ... It so happens dsl0 always gets allocated one ... Subnet mask: 255.255.255.248 ... I can see from above that if the route table fails to find ...
    (comp.os.linux.networking)
  • Re: win2k host changing routing table with visits to sites
    ... recently switched from cable broadband service to dsl broadband service ... Where is the route between them? ...
    (microsoft.public.win2000.networking)
  • Re: 2003 Server Hostrouting aber wie?
    ... > Wenn ich auf den Newsserver 12.12.12.12 Zugreife soll alles uber DSL gehen. ... > bei dem Route befehl fehlt irgendwie sowas wie route add 12.12.12.12/32 ... Hi Udo, ... ist das Gateway ein anderes System. ...
    (microsoft.public.de.german.windows.server.networking)
  • Re: Aggregating 2 ISP links (DSL)
    ... > the balancing algorithm to either of the DSL modems. ... > DSL modem and arrives at the linux box. ... > is handled by the load-balancing algorithm and a route is ... > the connection succeeds. ...
    (comp.os.linux.networking)