source based routing¶
or how to have multiple default gateways¶
Imagine a multi homed system. That is a system with more then one network interface, each interface connected to a different ip network.
On a normal system you will have one subnet on each interface and one default route:
+--- router0 (192.168.0.1) --- eth0 (192.168.0.100/24)
|
outside ---+
|
+--- router1 (192.168.1.1) --- eth1 (192.168.1.100/24)
root@host# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
If a Client (1.2.3.4) connects to a service on 192.168.0.100 everything is fine. Packet comes from the outside, goes to router0 (decided by some router not under your control), hits eth0. Now how to answer? As we have no special route to 1.2.3.4 we will choose the default route and go out eth0, to router0 and from there outside.
Now what happens if we connect to 192.168.1.100? Packet comes from outside, goes to router1, hits eth1. Answer goes? Right we don’t know how to talk to 1.2.3.4 so we choose the default route. Packet goes out eth0, router0, outside.
Why is this bad?¶
You can have inbound traffic in the amount of bandwith-eth0 + bandwith-eth1. But Outbound you will only send via eth0, so there is a missmatch. Also various tcp optimizations (congestion, windows, etc) won’t work to well if using different interfaces.
What do you want?¶
Two default gateways. If i send traffic as 192.168.1.100 i want to use eth1, otherwise eth0. Iproute2 to the rescue!
ip route add default via 192.168.1.1 eth1 table 100
ip rule add from 192.168.1.100 table 100
If i send a package from 192.168.1.100, then look into table 100 (choose any number 2-252). If you find routing information there use them.
And Table 100 says, send package out using eth1 to 192.168.1.1 (router1).
Whats next?¶
Read the documentation of iproute2!