2 Cable Modems -- Need Some Basic Linux Networking Info

[Netdale]

Alright, I've been searching the net and forums for a while, and reading everything in sight, yet still havent found a solution. Here's the problem......(please take note that I'm not trying to load balance or anything sophisticated *yet)

So, I have 2 cable modems, both which will assign ifconfig -a an IP. So the modems are working properly, yet my problem lies in the "routing". I want to have one modem dedicated as a gateway for my internal LAN, and both modems being able to serve stuff to the public (HTTP FTP HL). The problem I'm running into is an odd one. I can get the second modem to load (meaning eth1 in this case, since it loads after eth0, to work as a gateway and public server). Yet only eth1 will work. eth0 is almost deactivated when eth1 comes online. I've switched cable modems on the cards to make sure it wasnt them, its something in the way Gentoo is routing.....IDEAS? I hope I'm clear enough on this. I have a copy of my iptables to see if the bug lies there. Here is a basic overview of what I want

Eth0 - cable modem (LAN Gateway & Public Server)
Eth1 - cable modem (Public Server)
Eth2 - LAN

[m0pr0be]

hi,

i havent read through your iptables config, so i dont know if theres something wrong there.

but to keep it simple i would start without iptables at all and set up the routing so that it works from your gateway machine.

i would suggest reading some or all of rusty's networking howtos. especially u need to read the "advanced routing howto", because u need the knowledge from this howto to achieve what u want. it explains the iproute2 tool and things like source routing, policy based routing ( not to confues with a routing policy)

post a message if u have any problems.

-Christoph

[Netdale]

Does it have someting to do w/ the fact that both modems have a webinterface @ 192.168.100.1, somehow they both might want to be routed there....u follow what I'm saying?

Dale

[klieber]

[mrchuckles]

Wow, interesting routing questions. I'd have to do some research to answer your questions, which I don't have time to do. However, I can point you in the right direction to do your own research.

I would disable any NAT features of the cable modems, so that your PC's external NICs get an external IP address. Give the internal NIC a private subnet (192.168.0.0/24 for example). Read the IPmasq howto. Setup NAT for your internal LAN, routing all packets out eth0. Read the Advanced Routing HOWTO, specifically the section on source based routing. The goal is respond to incoming traffic over the same interface it came in on.

Also, a Google search on tri-homed PC may turn up a link on the general topic of what you're trying to accomplish (although they'll probably mostly deal w/ firewalls that handle a DMZ).

Good luck!

[Netdale]

[Netdale]

Does that help at all -- I have both modems setup to give me external ips, so that isnt the problem. I think what I was saying b4 confused some people. What i meant by that 192.168.100.1 is that each modem has a config panel that runs on it. I'm not exactly sure how it works and assigns ips, but, I do believe it has something to do w/ internal NAT on the modem side, meaning:

Each modem's CAT5 port has an ip of 192.168.100.1, and although the linux machine recieves a "real" ip, it still somehow has to map it back through. Thus, whichever net.ethx I load secondly gets priority and its webcontrol panel works, as well as routing, webserver, the whole 9yds.

IDEAS?

Thanks
Dale

P.S. This might be the end goal -- load balancing, but I first need to get the modems working at the same time -- take it step by step


http://www.linux.org/docs/ldp/howto/Adv-Routing-HOWTO/lartc.rpdb.multiple-links.html

[mrchuckles]

Okay, it looks like your basic setup is okay in regards to IPs and interfaces. Now you need to read up on policy/source routing (iproute2 is your friend). Follow the links from my previous posts. BTW, it appears UNC is temporarily down, so linuxdoc.org isn't responding right now.

If load balancing is your goal, then the Advanced Routing HOWTO will help you with that also.

[Netdale]

Ok, I've read everything on that topic, and I have iproute2 working......yet

I still think the problem remains in the fact that they both are in the same network -- 68.82.12.0/24 And linux has no idea what to do

Does this make sense -- I'm not sure how I can explain it

Also, for some reason when dhcpcd runs, it tries to get an external ip closest to my hostname (/etc/hostname - 68.82.12.34). My question would be, if I somehow got it dhcpcd (not sure how) to give me a different ip, such as 68.82.248.1, would this help my problem (I can get my windows machine to do this.....) since it would be in a different "network" (versus the same 68.82.12.0/24)???


Dale

[Netdale]

I GOT IT I GOT IT!!! Wahoo!

Ok, everything is working (*fingers crossed)

yet......my only remaining problem is that I cannot get a ping/website to come up on my external interfaces. Meaning, the Net can go to either IP and see my server (apache), yet I cannot even view it......any suggestions, its some local loop thing, but the way I have my routing tables, i flush them first, and somehow I lost it

Dale

[mr-simon]

I'm not 100% sure what you mean by your last post, but I've done something very similar on my gateway machine so I thought I'd offer some advice. It wasn't the easiest thing in the world to do (for me, anyway.)

I managed to get my gateway masquerading and "sharing" bandwidth over both a cable and DSL connection, because me and my housemate are bandwidth junkies. It works well.

You should definately read this page in the Advanced Routing HOWTO. The important thing is the bit that makes the machine answer packets on the same interface that they came in on. IIRC If you don't do that, your machine may start replying with packets that came from a different IP than the one the request was made to, which will confuse the hell out of any client, and everything will be a non-starter. (See the bit about tables T1 and T2 on that page)

For load sharing, I just set up a round-robin DNS. It's not "proper" load sharing but in practise it works reasonably.

If you do all of that, then you should have no problems.

If you're planning to do NAT/masq you will probably need to apply these kernel patches. I'm not sure quite what they do... All I know is my config works perfectly with them, but not without them.

Hope that helps.
_________________
"Pokey, are you drunk on love?"
"Yes. Also whiskey. But mostly love... and whiskey."

[Netdale]

Ok, what exactly do u mean in regard to ur last post -- the patches and it not working? I currently have it kinda working, w/o the patches, can u please explain the errors. What I meant in my last post, is that everything seems to working just fine, except that when any machine on my internal network attempts to access 68.82.12.34 or 68.82.12.38, it just hangs, and doesnt load anyhing -- what would this be??

Ip tables? Routing Table?

BTW - my iptable and current routes are here http://dl.mtcrew.net/Misc/

Dale

[Netdale]

Alrigth, I got everything completely working -- its truely great


-patched kernel (http://www.ssi.bg/~ja/#routes-2.4)
-used parts of the iproute2 and Adv Routing docs.....
-I didnt use much of the top part in regards to splitting....
-I also added this line since they both shared the same network /24
-

[Netdale]

I'm still having problems connecting to those IPs on the internal network. It just doesnt route properly -- ideas?

Dale