The FreeBSD Diary

Providing practical examples since 1998

FreeBSD Support
 Dynamic Routing - need RIP/gated ?
Author: Ivan Figueredo 
Date:   12-12-01 02:52

Hello,

I have two DSL lines. I would like to set up a system where if one of the lines goes down, my computers still have access to the Internet.

I do not know what is required, but I imagine that I will need a computer with three Ethernet ports/cards, and somehow have this machine act as a gateway to the Internet. This machine will probably need to run gated or zebra or RIP ? The problem is, I don't know where to get started, if it is even possible.

If it is possible, I also am not sure if FreeBSD can support this, but maybe Linux, etc?

Regards,

Ivan

 Re: Dynamic Routing - need RIP/gated ?
Author: milkdady 
Date:   12-12-01 18:23

You would probably want to use Bridge on your network.. That way both networks will have internet connection and if one goes down with the right settings in the proper config files there still would be network activity.

Read the www.freebsd.org handbook on networks "Bridging"

Bridging allows you to connect to 2 networks on different subnets... So this may be a solution.. If one internet goes down and you have the correct DNS settings on both resolv.conf files or run a DNS server using both as forwarders on your network this may be a solution...

Something to try out.

Some of the pros here will have a much more experienced solution.

 Re: Dynamic Routing - need RIP/gated ?
Author: Daniel Schrock 
Date:   12-12-01 19:45

This is somewhat possible, but prob not how you would want it to.
It sounds like you are looking for something similar to Cisco's HSRP.

Unfortunately, there is no easy way to do this.
You will need 3 nics, config files for each connection, and some custom scripts.

The box you want to run this on will need to run NAT. I think IPFilter/IPNat would be easier than ipfw/natd, but I'm sure it could be done with both.

Set up the system with one connection, then set up the second connection, leaving the interface down.

Then write a cron job to monitor connection A. Should the connection drop on the main line, the cronjob should run a script that will do the following:
1. bring down interface A
2. bring up interface B
3. change your default route
4. load the appropriate firewall and nat rules.
5. load the appropriate host table, resolv.conf, hostname and domainname.
6. reload all network services with config files setup for the new settings.

You will then need to have another cronjob to monitor connection B until connection A comes back up, at which time the above script is re-run to use connection A's settings...

As you can see, it is very complicated and not very practical.
Another solution may be to use 2 boxes, one on each line, then connect them via additional nics on a private subnet. Then you will at least have access to both systems as long as one of the lines is up.
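
Added example, not part of the original post: a cron-run sh script for the six-step switch described above, with two deliberate differences: the filter and NAT rules (step 4) are loaded before the new interface comes up so the line is never up unfiltered, and a switch needs three consecutive failed probes so one lost ping does not flap the route. It only watches the active line and swaps when that line fails. Interface names, gateway addresses, the /usr/local/etc/failover paths and the reload-services.sh hook are all assumptions.

```sh
#!/bin/sh
# Cron-driven DSL failover following the six steps in the post above.
# Constructed values: interface names, gateway IPs, file paths, thresholds.
IF_A=fxp0; GW_A=192.0.2.1       # line A (RFC 5737 documentation address)
IF_B=fxp1; GW_B=198.51.100.1    # line B
CONF=/usr/local/etc/failover    # hypothetical dir: ipf.X, ipnat.X, resolv.conf.X
STATE=${STATE:-/var/run/failover.state}  # holds "<active line> <failed probes>"
FAIL_MAX=3                      # consecutive failed probes before switching
DRY_RUN=${DRY_RUN:-1}           # 1 = only print the commands

run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }
# probe GATEWAY: success if the gateway answers at least one of three pings.
probe() { ping -c 3 "$1" >/dev/null 2>&1; }

# next_state LINE FAILS PROBE_OK: prints "<line> <fails>" for the next run.
next_state() {
    line=$1 fails=$2 ok=$3
    if [ "$ok" = 1 ]; then echo "$line 0"; return; fi
    fails=$((fails + 1))
    if [ "$fails" -lt "$FAIL_MAX" ]; then echo "$line $fails"; return; fi
    if [ "$line" = A ]; then echo "B 0"; else echo "A 0"; fi
}

# switch_to LINE: steps 1-6, with the rule load moved ahead of "interface up".
switch_to() {
    if [ "$1" = A ]; then up=$IF_A down=$IF_B gw=$GW_A sfx=a
    else up=$IF_B down=$IF_A gw=$GW_B sfx=b; fi
    run ifconfig "$down" down                         # step 1
    run ipf -Fa -f "$CONF/ipf.$sfx"                   # step 4: filter rules
    run ipnat -CF -f "$CONF/ipnat.$sfx"               # step 4: NAT rules
    run ifconfig "$up" up                             # step 2
    run route change default "$gw"                    # step 3
    run cp "$CONF/resolv.conf.$sfx" /etc/resolv.conf  # step 5
    run sh "$CONF/reload-services.sh" "$sfx"          # step 6: hypothetical hook
}

main() {
    if [ -r "$STATE" ]; then read -r line fails < "$STATE"; else line=A fails=0; fi
    if [ "$line" = A ]; then gw=$GW_A; else gw=$GW_B; fi
    if probe "$gw"; then ok=1; else ok=0; fi
    set -- $(next_state "$line" "$fails" "$ok")
    [ "$1" = "$line" ] || switch_to "$1"
    echo "$1 $2" > "$STATE"
}

[ "${1:-}" = run ] && main
```

Run it from cron once a minute with the argument "run"; with DRY_RUN left at 1 it prints the commands it would issue instead of executing them.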

 Re: Dynamic Routing - need RIP/gated ?
Author: Ivan Figueredo 
Date:   13-12-01 04:28

Milkman,

Thanks for your response.

I read the section, but the section is too sparse and the examples that it gives are too vague for me to modify/adapt for my needs.

Regards,

Ivan

 Re: Dynamic Routing - need RIP/gated ?
Author: Ivan Figueredo 
Date:   13-12-01 04:36

Daniel,

Thanks for your response.

This sounds like a solution, and you give the steps to do it...much appreciated.

However, I am confused by something. When I read up on Networking books, there are examples all over the place of "multihoming" using OSPF or BGP4. I don't understand why I can't set up a locally spanned OSPF, in a class C network (a lot of hand waving going on there :) ) In fact, when you say:

"Another solution may be to use 2 boxes, one on each line, then connect them via additional nics on a private subnet. Then you will at least have access to both systems as long as one of the lines is up."

I think that you are on to this solution, but unfortunately you do not give enough information on how to implement it step by step as you do the other solution?

One thing that has always stumped me is why there can only be one default route?? Why not write some simple daemon that allows more than one default route? This would seem to solve my problem, and would allow one to have redundant seamless Internet connection using two DSL lines from two different providers...


Regards,

Ivan

 Re: Dynamic Routing - need RIP/gated ?
Author: Daniel Schrock 
Date:   14-12-01 21:35

I am going to make 2 assumptions here.
1. These are residential DSL lines.
2. You do not own a publicly routed class 'C' network.

When reading books on networking, you need to forget the 'internet' as you know it. All Cisco/Networking books deal with isolated networks.

With DSL, your provider takes care of the routing for you. Since neither provider is going to route the other's IPs, an OSPF/BGP4/HSRP solution is impossible.

To implement the private network solution, just install additional nics in each box and connect them to each other via a crossover cable or to an isolated switch/hub and assign ips from the same subnet (ie. box A gets 192.168.1.1, box B gets 192.168.1.2, they both get a broadcast address of 192.168.1.255)
The 2 boxes will then be able to see each other on the private subnet.

 Re: Dynamic Routing - need RIP/gated ?
Author: Daniel Schrock 
Date:   14-12-01 21:38

Bridging won't work. Bridging allows dissimilar networks or different subnets to see each other, but if one line goes down, you can't make the traffic cross the bridge and go out the other line...

 Re: Dynamic Routing - need RIP/gated ?
Author: Ivan Figueredo 
Date:   17-12-01 04:32

Daniel,

I am not completely following how this works. See below.

------Daniel says:
I am going to make 2 assumptions here.
1. These are residential DSL lines.
2. You do not own a publicly routed class 'C' network
----------------------

When you say "These are residential DSL lines" do you mean that I have DSL lines that have their IP's dynamically assigned? If so, this is not correct. Both DSL lines are business based DSL lines, that is, I was given a block of 32 static IP's by one DSL provider, and a block of 6 from the other.

------Daniel says:
"To implement the private network solution, just install additional nics in each box and connect them to each other via a crossover cable or to an isolated switch/hub and assign ips from the same subnet (ie. box A gets 192.168.1.1, box B gets 192.168.1.2, they both get a broadcast address of 192.168.1.255)
The 2 boxes will then be able to see each other on the private subnet."
---------------------

In this situation, I am assuming that you are referring to your previous post when you suggested an alternative to the "script solution" as follows:

-----Daniel says:
"Another solution may be to use 2 boxes, one on each line, then connect them via additional nics on a private subnet. Then you will at least have access to both systems as long as one of the lines is up."
-----------------------

In this case, if I understand you correctly, I should give the machines "behind" these two boxes IP's from 192.168.168.3 on up. But what would their default route be, or their gateway? If it is box A at 192.168.1.1 and that DSL line goes down, then how do packets get routed out 192.168.1.2 ? How is the "failover" happening? Does this solution also need your scripts idea...?

I think I may be missing something...

Regards,

Ivan

 Re: Dynamic Routing - need RIP/gated ?
Author: Daniel Schrock 
Date:   17-12-01 08:42

The big problems here are that it's dsl and that the subnets provided to you can't be shared. Everything relies on addressing...dns,mail,apache... if one line goes down, your services aren't going to work on the other line.
dsl lines are setup to be the end of a network.
the type of service you are looking for can only be accomplished with 2 dedicated lines from the same provider, or if you personally own the subnet you need routed. When I say dedicated line, I am referring to a line that comes with a service level agreement. This would be frame-relay, dedicated 56k, t1 or higher, etc.

I do understand exactly what you are trying to accomplish, as I work with it on a daily basis. It unfortunately cannot be done with what you have. If you could get 2 dsl lines from the same provider, you may be able to talk them into it, but it is not very likely. The amount of money made on dsl by the provider is not worth the effort to enable that type of functionality. You will also never see an SLA for DSL because there are too many factors outside of the providers control that affect the line.

as far as the private subnet solution, it will not provide failover at all. it merely gives you access (ssh,rsh,telnet) to all the boxes if one of the lines goes down. they do not need a default gateway and can see each other because they have a common broadcast address.

 Re: Dynamic Routing - need RIP/gated ?
Author: Ivan Figueredo 
Date:   17-12-01 19:46

---Daniel says:
...the type of service you are looking for can only be accomplished with 2 dedicated lines from the same provider...
----

This would not work as a failover solution though, as if line 1 from ISP goes down, it is (almost) certain that the other line to the same ISP would be down as well.

---Daniel says:
...This would be frame-relay, dedicated 56k, t1 or higher, etc.
-----

Yes, I assume that if I were running something you can send/receive BGP (T1's , etc) and I had a BGP capable router this would be a piece of cake, as that is the "design" of the Internet at its core.

---Daniel says:
I do understand exactly what you are trying to accomplish, as I work with it on a daily basis. It unfortunately cannot be done with what you have.
----

Yes, I have come to the same conclusion. One "solution" (hack) would be to manually change the default route, i.e.,

route delete 0.0.0.0 # router on DSL line DOWN
route add 0.0.0.0 mask 0.0.0.0 xxx.xxx.xxx.xxx # router on DSL line UP

Where xxx.xxx.xxx.xxx is the IP of the gateway (router) that is up.

I _STILL_ do not understand why default routes have to be hardwired. Why, why, why, can't one have more than one default route??????????? I mean, what in the TCP spec, etc prevents this?


---Daniel says---
as far as the private subnet solution, it will not provide failover at all. it merely gives you access (ssh,rsh,telnet) to all the boxes if one of the lines goes down
------

Yes. Unfortunately, this is not the problem that I was trying to solve :)))))

BTW, have you heard of Policy Routing?

Regards,

Ivan
