Gentoo Forums
advanced routing problems
hfish2
n00b
Joined: 28 Oct 2011
Posts: 6

Posted: Fri Oct 28, 2011 2:28 pm    Post subject: advanced routing problems

hi everyone

i have a problem that is making me crazy

i have a pc with four real nics, eth0 through eth3.

eth0 is in subnet 10.0.0.0/24
eth1 is in subnet 10.0.1.0/24
eth2 is in subnet 10.0.2.0/24
eth3 is in subnet 10.0.3.0/24

eth1 and eth2 are directly connected by a router that does its job and keeps track of "some useful information", i.e. it is pretty useless but it needs to stay there and i cannot move it from there

what i need is traffic from eth0 to flow through eth1, eth2 and eth3, regardless of the destination address. i also want traffic coming from eth3 to travel through eth2, eth1 and finally eth0

simpler... all traffic coming from eth0 should go on eth1, all traffic coming from eth2 should go on eth3, all traffic coming from eth3 should go on eth2, and all traffic coming from eth1 should go on eth0

how can i do that? i tried ip route add 10.0.3.0/24 via 10.0.1.x dev eth1, but the traffic coming from eth0 and directed to eth3 doesn't follow the flow i want, but is directly delivered to eth3

thanks in advance
luca

Hu
Moderator
Joined: 06 Mar 2007
Posts: 16008

Posted: Sat Oct 29, 2011 12:53 am

You might be able to do this by bridging the interfaces, but this seems like a very inefficient way to handle traffic. Could you explain why you want to do this?

hfish2
n00b
Joined: 28 Oct 2011
Posts: 6

Posted: Sat Oct 29, 2011 7:01 am

eth1 and eth0 are not real cards... they are tap interfaces offered by a net simulation program. i need the machine to act like a transparent proxy so i can test a client/server application in lots of conditions, i.e. i can simulate an arbitrary number of nodes, delay, error rate, etc...

Hu
Moderator
Joined: 06 Mar 2007
Posts: 16008

Posted: Sat Oct 29, 2011 4:21 pm

Do you need it to be a transparent proxy or do you only need it to route the traffic without terminating the TCP connections locally? Those are different requests, and this would be easier if you can act as a router instead of a bridge.

hfish2
n00b
Joined: 28 Oct 2011
Posts: 6

Posted: Sat Oct 29, 2011 7:37 pm

my bad.

i need all traffic coming from eth0 to be redirected on eth1, no matter what
idem, i need all traffic coming from eth2 to be routed through eth3

is that feasible?

Hu
Moderator
Joined: 06 Mar 2007
Posts: 16008

Posted: Sat Oct 29, 2011 8:37 pm

If you can act as a router instead of a bridge, then this could probably be done with policy based routing. If you must act as a bridge, then I do not know if this can be done.
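
One way the policy-based routing mentioned above could be set up for the interface layout in the first post, as an added example that is not part of the thread. The table ids, rule priorities and the two `GW_*` router-address placeholders are assumptions; the script prints the commands by default and only runs them with `APPLY=1`.

```shell
#!/bin/sh
# Policy-based routing keyed on the ingress interface (iif), for the layout in
# the first post. Constructed values: table ids 100-103, rule priorities
# 1000-1003 and the GW_* placeholders (the thread gives the router only as 10.0.1.x).
GW_ETH1="${GW_ETH1:-ROUTER_IP_ON_10.0.1.0_24}"
GW_ETH2="${GW_ETH2:-ROUTER_IP_ON_10.0.2.0_24}"

# Print the commands for one hop: whatever arrives on $1 leaves on $2.
# $3 = routing table id, $4 = next hop, or "-" if the peers are on-link on $2.
hop() {
    in_if=$1 out_if=$2 table=$3 via=$4
    if [ "$via" = "-" ]; then
        echo "ip route replace default dev $out_if table $table"
    else
        echo "ip route replace default via $via dev $out_if table $table"
    fi
    # Priority below 32766 so the rule is consulted before the main table.
    echo "ip rule add iif $in_if lookup $table priority $((table + 900))"
}

plan() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    for i in eth0 eth1 eth2 eth3; do
        # Loose reverse-path filtering: in strict mode (1) the kernel drops a
        # packet whose source is routed back via a different interface, which
        # is the case for traffic re-entering on eth2 or eth1 after the router.
        echo "sysctl -w net.ipv4.conf.$i.rp_filter=2"
    done
    hop eth0 eth1 100 "$GW_ETH1"   # eth0 -> eth1, handed to the external router
    hop eth1 eth0 101 -            # eth1 -> eth0
    hop eth2 eth3 102 -            # eth2 -> eth3
    hop eth3 eth2 103 "$GW_ETH2"   # eth3 -> eth2, handed to the external router
}

# Dry run by default: print the plan. APPLY=1 (as root) executes it.
if [ "${APPLY:-0}" = 1 ]; then plan | sh -e; else plan; fi
```

The `local` table is consulted at priority 0, before any of these rules, so packets addressed to one of this host's own IP addresses are still delivered locally instead of being forwarded.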

AngelKnight
Tux's lil' helper
Joined: 14 Jan 2003
Posts: 126

Posted: Thu Nov 17, 2011 5:48 pm

Give the post a read: http://article.gmane.org/gmane.linux.network/146810

Note that this *is* a while ago... though I don't think that queueing disciplines have changed much, it's possible this feature doesn't exist anymore, or exists under a different qdisc name.

(Edit: correct a thinko)

hfish2
n00b
Joined: 28 Oct 2011
Posts: 6

Posted: Thu Nov 17, 2011 5:53 pm

i'll have a look, thanks

malern
Apprentice
Joined: 19 Oct 2006
Posts: 170

Posted: Fri Nov 18, 2011 9:24 am

Depending on your throughput requirements you might be able to do what you want with net-misc/vde.

Run vde_switch in hub mode to create a virtual hub, then "plug" all your interfaces into it. That should cause all traffic coming in one interface to be sent to all the others. That might be a bit more than you want, but I think you should be able to use netfilter to block the traffic you don't want.

hfish2
n00b
Joined: 28 Oct 2011
Posts: 6

Posted: Fri Nov 18, 2011 9:31 am

i don't think i have understood what you're saying... can you please explain a little bit more?
thanks

malern
Apprentice
Joined: 19 Oct 2006
Posts: 170

Posted: Fri Nov 18, 2011 11:03 am

Sure, net-misc/vde is a set of tools for creating virtual ethernet devices (switches, hubs, etc). It comes with a program called vde_switch. If you run "vde_switch -hub" you create a virtual hub. You can then virtually plug your interfaces into the hub by running "vde_plug2tap <interface>" (you said your interfaces are actually tap devices, so I believe this should work). Once you have that set up then any traffic coming into your interfaces will be sent to the virtual hub. The hub will then send that traffic out to all the other connected interfaces.

So anything coming in on eth0 will go out to eth1, eth2 and eth3. And anything coming in on eth3 will go out to eth0, eth1 and eth2. Which I'm assuming is what you wanted. The only issue is stuff coming in on eth1 will also go to eth0, eth2 and eth3 (and eth2 will go to eth0, eth1 and eth3) as you'd expect with a hub setup. Not sure if this is a problem for you, but if it is you can probably block the unwanted traffic with some iptables rules.

The other thing to note is the vde_switch program runs in userspace so it won't be as efficient as in-kernel routing. Therefore the amount of data you can send per second through a system like this will be lower than a kernel solution. Whether this is a problem depends on how much throughput you need and how powerful your hardware is.

hfish2
n00b
Joined: 28 Oct 2011
Posts: 6

Posted: Fri Nov 18, 2011 11:04 am

definitely clearer, thanks!

i'll try :)