Greetings fellow-LUGgers!
I am trying a different (for me) approach to a multi-homed
box. I have
two external interfaces and I would like to
route the traffic for load control. I have done something
very much
like this before using a custom linux kernel
into which I had rolled all the iptables extras such as
matching on TOS
and ETH. As I am using a stock kernel on
this box currently, I am trying to do manipulate the routing
via the ARP
(RARP) table---I think that's it.
For this I am using the line command "ip". A
"man ip" yields a
treasure-trove of information. Unfortunately I
am not skilled enough to understand it all.
What I have done is brought up both interfaces on this FC4
box by
setting up the static ip info in /etc/sysconfig/
network-scripts/ifcfg-eth0 and ifcfg-eth1. The
"service network
restart" activates both IF; the last one to be
run becomes the default gateway. From "route":
Kernel IP routing table
Destination Gateway Genmask Flags Metric
Ref Use
Iface
192.168.84.0 * 255.255.255.0 U 0
0 0 eth1
192.239.84.0 * 255.255.255.0 U 0
0 0 eth0
169.254.0.0 * 255.255.0.0 U 0
0 0
eth1
default 192.168.84.1 0.0.0.0 UG 0
0 0 eth1
Now to get the other gateway back in, I ran "route add
default gw
192.239.84.1"
This does leave me with *two* default gw.....
Kernel IP routing table
Destination Gateway Genmask Flags Metric
Ref Use
Iface
192.168.84.0 * 255.255.255.0 U 0
0 0 eth1
192.239.84.0 * 255.255.255.0 U 0
0 0 eth0
169.254.0.0 * 255.255.0.0 U 0
0 0
eth1
default 192.239.84.1 0.0.0.0 UG 0
0 0 eth0
default 192.168.84.1 0.0.0.0 UG 0
0 0 eth1
To use ARP to direct the tcp/ip packets I then issued the
command:
ip route add 192.168.84.150 via 192.168.84.1
My route table was changed by one line; a single one at the
top....
Kernel IP routing table
Destination Gateway Genmask Flags Metric
Ref Use
Iface
crew01.igex.org 192.168.84.1 255.255.255.255 UGH 0
0 0 eth1
192.168.84.0 * 255.255.255.0 U 0
0 0 eth1
192.239.84.0 * 255.255.255.0 U 0
0 0 eth0
169.254.0.0 * 255.255.0.0 U 0
0 0
eth1
default 192.239.84.1 0.0.0.0 UG 0
0 0 eth0
default 192.168.84.1 0.0.0.0 UG 0
0 0 eth1
It **seems** to be behaving correctly. Does this seem
correct to you
capable network folks out there?
The "man ip" command is very powerful and a good
read. Again, I wish I
understood all of the arguments
that are available for "ip". I also found a
good debian/ubuntu tool
"traceproto" to replace the
"traceroute"
command. The traceproto command is extremely configurable
and can walk
a series of ports via a specified
protocol. It also has an ncurses display available with it
(I haven't
tried that yet....just cmd line).
The reason behind this excercise is that we are joining a
network
(similar to Internet2) which is a sub-set
of the general internet. Specifically it is an academic
network; my job
is associated with George
Mason University. One cannot, for example, go to google.com
through the
I2/academic class network.
I'm trying to set-up an essentially dedicated network for
data
acquisition independent of the general-use
internet network. It's not as fast as the GRID network,
but it will be
a good tool for us.
Thanks for reading.
megan
--
Megan Larko, IT Systems Administrator
Center for Research on Environment & Water (CREW)
4041 Powder Mill Road., Suite 500
Calverton, MD 20705-3106
_______________________________________________
dclug mailing list
dclug tux.org
http://www.
tux.org/mailman/listinfo/dclug
|