<br><tt><font size=2>Andrew Lyon <andrew.lyon@josims.com> wrote on
10/04/2007 16:34:52:<br><br>> ><br>> >________________________________________<br>> >From: e.janz@barceloviajes.com [mailto:e.janz@barceloviajes.com]
<br>> >Sent: 10 April 2007 15:17<br>> >To: lartc@mailman.ds9a.nl<br>> >Subject: Re: [LARTC] equalize / ecmp not working as expected in
2.6 vs 2.4<br>> ><br>> ><br>> >Hi Andrew,<br>> ><br>> >I would use a combination with iptables. You should mark the packets,
for<br>> example using average or n-th, and then use ip rules to send half
of the<br>> packets vía one router and the rest to the other router according
to the<br>> marks you set with iptables.<br>> >Just a question ¿ dont you have problems with your source IP and
the<br>> returning responses when you are sending packets from one connection
over<br>> multiple routers ? ¿ do you have something like an AS ?<br>> ><br>> ><br>> >Best regards,<br>> >Eric Janz <br>> ><br>> ><br>> >Andrew Lyon <andrew.lyon@josims.com><br>> >Enviado por: lartc-bounces@mailman.ds9a.nl<br>> >10/04/2007 14:36<br>> >Para<br>> >"'lartc@mailman.ds9a.nl'" <lartc@mailman.ds9a.nl><br>> >cc<br>> ><br>> >Asunto<br>> > [LARTC] equalize / ecmp not working as expected in 2.6 vs 2.4<br>> <br>> <br>> <br>> Eric,<br>> <br>> Could you give me a example of how to do that? With nth if possible...<br>> <br>> It is not common for a ISP to support that sort of setup, but they
do<br>> http://aaisp.net.uk/aa/aaisp/multiline.html<br>> <br>> Each line has two ips, one for the router and another for the interface
on a<br>> linux box or other device, the isp routes a larger /28 down both lines,
and<br>> allows packets with source address in the /28 range to be sent through
both<br>> lines.<br>> <br>> On my linux server I have a routing table for each line with the necessary<br>> routes to make each router ip reachable, and a default route that
equalizes<br>> over both router ips, it worked with 2.4 but with 2.6 it seems to
be<br>> per-flow instead of per packet.<br>> <br>> I can login to a control page app on the ISP website and configure
which<br>> lines a given block is routed down, and they also do really good traffic<br>> monitoring etc http://www.aaisp.net.uk/cqm.html<br>> <br>> PS. Please reply below original posting, not above!<br>> http://en.wikipedia.org/wiki/Top-posting<br>> <br>> Andy<br>> <br>> <br>> JOSEDV001TAG</font></tt><br><br><tt><font size=2>Hi Andy,</font></tt><br><br><tt><font size=2>thanks for the info. First of all, in order to use
the nth match you need to patch your kernel using patch-o-matic.</font></tt><br><tt><font size=2>After that, the nth match should be available. Try
something like this:</font></tt><br><br><tt><font size=2>Supposing that the local traffic is entering into
your linux server via eth0:</font></tt><br><br><tt><font size=2>1. Mark the packets using iptables before the routing
decision is done:</font></tt><br><br><tt><font size=2> iptables -t mangle
-A PREROUTING -i eth0 -m nth --every 2 --packet 0 -j MARK --set-mark 111</font></tt><br><tt><font size=2> iptables -t mangle
-A PREROUTING -i eth0 -m nth --every 2 --packet 1 -j MARK --set-mark 222</font></tt><br><br><tt><font size=2>2. Setup some rules to jump to the correct routing
tables. In this case I will suppose that you are using the tables 111 and
222 ( obviously you can use the ones you like )</font></tt><br><tt><font size=2> ip rule add prio
111 fwmark 111 table 111</font></tt><br><tt><font size=2> ip rule add prio
222 fwmark 222 table 222</font></tt><br><tt><font size=2>( you can also set the priority of the rules at your
convenience )</font></tt><br><br><tt><font size=2>3. Setup your routing tables ( in this example 111
and 222 ) to reach each router as you had with the 2.4 kernel.</font></tt><br><tt><font size=2> [ ... ]</font></tt><br><tt><font size=2> ip route add table
111 default via ROUTER1_IP_ADDRESS</font></tt><br><tt><font size=2> ip route add table
222 default via ROUTER2_IP_ADDRESS</font></tt><br><br><br><tt><font size=2>In this case we need no multipath route. Half of all
the packets that come into eth0 are routed using the 111 table and the
rest is routed using the 222 table thanks to the marks we set.</font></tt><br><tt><font size=2>The problems you are experiencing with the multipath
routing are due to that the routing decision uses a cache and after a routing
decision to a destination is done, it would always use the same gateway
to reach that destination until the routing caché expires.</font></tt><br><br><br><tt><font size=2>I hope this helps,</font></tt><br><tt><font size=2>Regards,</font></tt><br><br><tt><font size=2>Eric Janz</font></tt><br><br><br><tt><font size=2><br></font></tt>--<BR>
<BR>
ADVERTENCIA LEGAL<BR>
El contenido de este correo es confidencial y dirigido unicamente a su destinatario. Para acceder a su clausula de privacidad consulte http://www.barceloviajes.com/privacy<BR>
<BR>
LEGAL ADVISORY<BR>
This message is confidential and intended only for the person or entity to which it is addressed. In order to read its privacy policy consult it at http://www.barceloviajes.com/privacy<BR>
<BR>