« Home | Revealing your routing tables » | Where do the IP addresses come from? » | Just what is routing? » | Mysql Database Backup Script » | Listing files by size » | Where am i always » | Possible to get the administrator password ? » | 11 Unix Tricks » | Who sent me mail » | Strings - old but a goodie » 

Friday, March 17, 2006 

How can I have two default routes?

This is where advanced routing comes into play (finally!). With advanced routing, you can have as many routing tables as you need; in this case you need to add just one for the new DSL line.

First, add a name for the new routing table to the file /etc/iproute2/rt_tables. You can append it to the file with command "echo 2 dsl2 >> /etc/iproute2/rt_tables".

# echo 2 dsl2 >> /etc/iproute2/rt_tables
# cat /etc/iproute2/rt_tables list the file contents
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
2 dsl2 the line you just added

Earlier I mentioned that typing "ip route" is a shortcut for the longer command "ip route show table main". Well, to list the new routing table you have to use the long form: "ip route show table dsl2" If you enter this command right now, you will see the new table is empty.

You really only need to add the new default route to the new table; the old "main" table will continue to handle everything else. You will see why in a minute. Once again, here is the existing "main" table.

# ip route show table main
63.63.63.0/29 dev eth0 proto kernel scope link src 63.63.63.1
30.31.32.0/29 dev eth1 proto kernel scope link src 30.31.32.1
default via 63.63.63.6 dev eth0

Add the new default route to table dsl2 and then look at the (short) table.

# ip route add default via 30.31.32.6 dev eth1 table dsl2
# ip route show table dsl2

default via 30.31.32.6 dev eth1 the whole table is just one line

But the new table is not used yet!

You need to learn one more command, "ip rule"

A routing table tells where packets should go (its destination). You need to be able to tell the kernel to use a different table, based on where a packet is from (its source address).

The existing ip ruleset is very simple, look at it now.

# ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup default

You need to add just one new rule:

# ip rule add from 30.31.32.1 lookup dsl2 prio 1000 

This command says "add a rule" to handle the case when a packet has a "from" pattern of "30.31.32.1"; use the routing table called "dsl2", and assign the rule a priority level of "1000". Now relist the rules. In this example, the "pattern" only needs to match one address but if you build a Linux router, you could set patterns that would match different sets of addresses.

# ip rule
0: from all lookup local
1000: from 30.31.32.1 lookup dsl2
32766: from all lookup main
32767: from all lookup default

The kernel searches the ip rules in order, starting with the lowest priority and continuing through each rule and routing table until the packet has been routed successfully.

Your default ruleset will always have a 'local' table with 'all' as the match pattern. The local table handles traffic that is supposed to stay on the local machine, and broadcast traffic.

Our new rule comes next, with a priority of 1000. I picked this number to make adding other rules before and after ours easy later on.

After our rule comes the 'main' table, which is the one that is manipulated by the old 'route' command. Finally comes the 'default' table. I don't know the official purpose of default, it's empty on all the systems I have set up. There is a 'default' route in the table 'main', so no traffic ever gets to the table 'detault'.

Caveats

When you are playing with multiple routing tables, you have to remember to add the 'table' portion to the command. I have only forgotten about 1000 times now. It can be mystifying when rules change in the wrong table (main). And of course, you are sure to confuse things when learning and lock yourself out if you are remotely logged in. The changes happen FAST. Use a console connection.

Another tip. Routes are cached. This means that if you update a routing table and nothing seems to happen, don't get frustrated, just flush the cache. You can make several changes at once and then flush the cache at the end so that the changes effectively all happen simultaneously. This is handy when working on a running router.

The flush command I use is "ip route flush table cache". Be very careful with the flush command!! Enter it wrong and you will remove all routing rules, instantly cutting off your networks.

Hello I am the traffic man, zip, zip, zip. make a new resolution to get a flood of traffic to your website this year. Let me show you how to get FREE traffic to your site. Yes I said FREE, FREE, FREE!!! Don't delay.

To find out more, visit my net money site. It successfully covers FREE information exposing FREE traffic and net money related stuff. Don't forget - FREE, FREE, FREE. You have nothing to lose!

Post a Comment

Links to this post

Create a Link

About me

  • I'm Adrian
  • From Manila, Philippines
  • Humankind cannot gain anything without first giving something in return. To obtain, something of equal value must be lost. That is alchemy's first law of Equivalent Exchange.
My profile

Links

    Add to Google Add Mox Diamond to Newsburst from CNET News.com Subscribe in NewsGator Online Subscribe in FeedLounge Add to netvibes
Powered by Blogger
and Blogger Templates