How can I have two default routes?
First, add a name for the new routing table to the file /etc/iproute2/rt_tables. You can append it to the file with the command "echo 2 dsl2 >> /etc/iproute2/rt_tables".
# echo 2 dsl2 >> /etc/iproute2/rt_tables
# cat /etc/iproute2/rt_tables        <-- list the file contents
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
2 dsl2        <-- the line you just added
Earlier I mentioned that typing "ip route" is a shortcut for the longer command "ip route show table main". Well, to list the new routing table you have to use the long form: "ip route show table dsl2". If you enter this command right now, you will see the new table is empty.
You really only need to add the new default route to the new table; the old "main" table will continue to handle everything else. You will see why in a minute. Once again, here is the existing "main" table.
# ip route show table main
63.63.63.0/29 dev eth0 proto kernel scope link src 63.63.63.1
30.31.32.0/29 dev eth1 proto kernel scope link src 30.31.32.1
default via 63.63.63.6 dev eth0
Add the new default route to table dsl2 and then look at the (short) table.
# ip route add default via 30.31.32.6 dev eth1 table dsl2
# ip route show table dsl2
default via 30.31.32.6 dev eth1        <-- the whole table is just one line
But the new table is not used yet!
You need to learn one more command, "ip rule". A routing table tells the kernel where packets should go (their destination). You need to be able to tell the kernel to use a different table, based on where a packet is from (its source address).
The existing ip ruleset is very simple. Look at it now.
# ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
You need to add just one new rule:
# ip rule add from 30.31.32.1 lookup dsl2 prio 1000
This command says "add a rule" to handle the case when a packet has a "from" pattern of "30.31.32.1"; use the routing table called "dsl2", and assign the rule a priority level of "1000". Now relist the rules. In this example, the "pattern" only needs to match one address but if you build a Linux router, you could set patterns that would match different sets of addresses.
# ip rule
0: from all lookup local
1000: from 30.31.32.1 lookup dsl2
32766: from all lookup main
32767: from all lookup default
The kernel searches the ip rules in order, starting with the lowest priority number and continuing through each rule and routing table until the packet has been routed successfully.
Your default ruleset will always have a 'local' table with 'all' as the match pattern. The local table handles traffic that is supposed to stay on the local machine, and broadcast traffic.
Our new rule comes next, with a priority of 1000. I picked this number to make adding other rules before and after ours easy later on.
After our rule comes the 'main' table, which is the one that is manipulated by the old 'route' command. Finally comes the 'default' table. I don't know the official purpose of default; it's empty on all the systems I have set up. There is a 'default' route in the table 'main', so no traffic ever gets to the table 'default'.
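The rule walk described above, as a small Python model (an added example, not part of the original post). The tables and rules are copied from the listings on this page; the 'local' table entries, the sample destination 192.0.2.10 and the function name lookup are assumptions for illustration, and the model covers only source matching and longest-prefix lookup.

```python
import ipaddress

# Constructed model of the tables on this page.
# Route format: (destination prefix, gateway or None if on-link, device).
TABLES = {
    # Assumption: the kernel-maintained 'local' table, reduced to host addresses.
    "local": [("63.63.63.1/32", None, "lo"), ("30.31.32.1/32", None, "lo")],
    "dsl2": [("0.0.0.0/0", "30.31.32.6", "eth1")],
    "main": [
        ("63.63.63.0/29", None, "eth0"),
        ("30.31.32.0/29", None, "eth1"),
        ("0.0.0.0/0", "63.63.63.6", "eth0"),
    ],
    "default": [],
}
# Rule format: (priority, source selector, table), as listed by "ip rule".
RULES = [
    (0, "0.0.0.0/0", "local"),
    (1000, "30.31.32.1/32", "dsl2"),
    (32766, "0.0.0.0/0", "main"),
    (32767, "0.0.0.0/0", "default"),
]

def lookup(src, dst, rules=RULES, tables=TABLES):
    """Return (table, gateway, device) for a packet, or None if unroutable."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(rules):  # lowest priority number first
        if src_ip not in ipaddress.ip_network(selector):
            continue  # the "from" pattern does not match; try the next rule
        matches = [
            (ipaddress.ip_network(prefix).prefixlen, gw, dev)
            for prefix, gw, dev in tables[table]
            if dst_ip in ipaddress.ip_network(prefix)
        ]
        if matches:  # inside one table the longest prefix wins
            _plen, gw, dev = max(matches, key=lambda m: m[0])
            return table, gw, dev
        # no route in this table: fall through to the next rule
    return None

if __name__ == "__main__":
    for src in ("30.31.32.1", "63.63.63.1"):
        print(src, "->", lookup(src, "192.0.2.10"))
    # Before the default route is added, dsl2 is empty and 'main' still answers.
    print("empty dsl2 ->", lookup("30.31.32.1", "192.0.2.10", tables=dict(TABLES, dsl2=[])))
```

The last call shows why adding the rule before the route does not black-hole traffic: a matching rule whose table has no route simply falls through to 'main'.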
Caveats
When you are playing with multiple routing tables, you have to remember to add the 'table' portion to the command. I have only forgotten about 1000 times now. It can be mystifying when rules change in the wrong table (main). And of course, you are sure to confuse things when learning and lock yourself out if you are remotely logged in. The changes happen FAST. Use a console connection.
Another tip. Routes are cached. This means that if you update a routing table and nothing seems to happen, don't get frustrated, just flush the cache. You can make several changes at once and then flush the cache at the end so that the changes effectively all happen simultaneously. This is handy when working on a running router.
The flush command I use is "ip route flush table cache". Be very careful with the flush command!! Enter it wrong and you will remove all routing rules, instantly cutting off your networks.




Posted by
Scott A. Edwards |
8:27 PM