[solved] Failover internet setup not properly routing

Message

maiku · Post by **maiku** » Thu Sep 17, 2009 3:22 pm

The machine can ping any IP address in the internal networks 10.1.1.0/24 and 192.168.2.0/2 but anything outside cannot be reached.

/etc/conf.d/net

modules=( "iproute2" )
config_eth0=( "10.1.1.34/24" )
config_eth1=( "192.168.2.77/24" )

/etc/init.d/multinet

depend() {
after net
}

start() {
ip route add 10.1.1.0/24 dev eth0 src 10.1.1.34 table route1
ip route add default via 10.1.1.1 table route1
ip rule add from 10.1.1.34 table route1

ip route add 192.168.2.0/24 dev eth2 src 192.168.2.77 table route2
ip route add default via 192.168.2.1 table route2
ip rule add from 192.168.2.77 table route2

ip route add default scope global nexthop via 10.1.1.1 dev eth0 weight 1 nexthop via 192.168.2.1 dev eth2 weight 3

}

In the kernel config:

CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IP_ROUTE_MULTIPATH=y

/etc/iproute2/rt_tables

#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
100 dual
101 route1
102 route2

failovertest linux # ping -c2 192.168.2.102
PING 192.168.2.102 (192.168.2.102) 56(84) bytes of data.
64 bytes from 192.168.2.102: icmp_seq=1 ttl=250 time=1.03 ms
64 bytes from 192.168.2.102: icmp_seq=2 ttl=250 time=1.37 ms

--- 192.168.2.102 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.034/1.204/1.375/0.173 ms

failovertest linux # ping -c2 10.1.1.101
PING 10.1.1.101 (10.1.1.101) 56(84) bytes of data.
64 bytes from 10.1.1.101: icmp_seq=1 ttl=64 time=92.4 ms
64 bytes from 10.1.1.101: icmp_seq=2 ttl=64 time=19.7 ms

--- 10.1.1.101 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 19.763/56.124/92.485/36.361 ms

failovertest linux # ping -c2 74.125.127.100
connect: Network is unreachable

Also, when I run this command manually I get an error:

failovertest linux # ip route add default scope global nexthop via 10.1.1.1 dev eth0 weight 1 nexthop via 192.168.2.1 dev eth2 weight 3
RTNETLINK answers: No such process

Resources:
http://www.gentoo-wiki.info/Dual_internet_connections

maiku · Post by **maiku** » Thu Sep 17, 2009 7:10 pm

Ah. I set the interface wrong. This system has eth0 and eth1.

Now the problem I'm having is that when I bring one network down it still tries to reach that network for some reason. This doesn't make it a good 'failover' connection.

aricart · Post by **aricart** » Thu Sep 17, 2009 7:23 pm

Just throwing this out there, since I don't know too much about the subject . . .

Perhaps you can set a cronjob, or use one of the many "watch" services to reset the default gateway when one or the other interfaces go down?

Obviously you know how to use ip route commands, so fill in the rest

maiku · Post by **maiku** » Thu Sep 17, 2009 9:25 pm

Actually I'm not so good. Everything I got was from all of my google searches. But I did find a script from http://blog.taragana.com/index.php/arch ... -on-linux/ . I modified it a little bit so it pings the ISP's gateway instead of an outside IP. It pretty much does what you said. The only problem is I may have to run it with hup in /etc/conf.d/local.start.

#!/bin/bash
#Copyright Angsuman Chakraborty, Taragana. Permission is granted for personal, non-commercial use.
#The script may not be re-distributed in any form without written permission from Angsuman Chakraborty ( angsuman@taragana.com ).
#The script may be modified for personal use.
#THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE AUTHOR ACCEPTS NO RESPONSIBILITY IN ANY CONCEIVABLE MANNER.

# Conventionally 0 indicates success in this script.

# Time between checks in seconds
SLEEPTIME=10

#IP Address or domain name to ping. The script relies on the domain being
#pingable and always available
TESTIP=www.yahoo.com

#Ping timeout in seconds
TIMEOUT=2

# External interfaces
EXTIF1=eth0
EXTIF2=eth1

#IP address of external interfaces. This is not the gateway address.
IP1=10.1.1.34
IP2=192.168.2.77

#Gateway IP addresses. This is the first (hop) gateway, could be your router IP
#address if it has been configured as the gateway
GW1=10.1.1.1
GW2=192.168.2.1

# Relative weights of routes. Keep this to a low integer value. I am using 4
# for TATA connection because it is 4 times faster
W1=1
W2=4

# Broadband providers name; use your own names here.
NAME1=10Int
NAME2=192Int

#No of repeats of success or failure before changing status of connection
SUCCESSREPEATCOUNT=4
FAILUREREPEATCOUNT=1

# Do not change anything below this line

# Last link status indicates the macro status of the link we determined. This is down initially to force routing change upfront. Don't change these values.
LLS1=1
LLS2=1

# Last ping status. Don't change these values.
LPS1=1
LPS2=1

# Current ping status. Don't change these values.
CPS1=1
CPS2=1

# Change link status indicates that the link needs to be changed. Don't change these values.
CLS1=1
CLS2=1

# Count of repeated up status or down status. Don't change these values.
COUNT1=0
COUNT2=0

while : ; do
ping -W $TIMEOUT -I $IP1 -c 1 $GW1 > /dev/null 2>&1
RETVAL=$?

if [ $RETVAL -ne 0 ]; then
echo $NAME1 Down
CPS1=1
else
CPS1=0
fi

if [ $LPS1 -ne $CPS1 ]; then
echo Ping status changed for $NAME1 from $LPS1 to $CPS1
COUNT1=1
else
if [ $LPS1 -ne $LLS1 ]; then
COUNT1=`expr $COUNT1 + 1`
fi
fi

if [[ $COUNT1 -ge $SUCCESSREPEATCOUNT || ($LLS1 -eq 0 && $COUNT1 -ge $FAILUREREPEATCOUNT) ]]; then
echo Uptime status will be changed for $NAME1 from $LLS1
CLS1=0
COUNT1=0
if [ $LLS1 -eq 1 ]; then
LLS1=0
else
LLS1=1
fi
else
CLS1=1
fi

LPS1=$CPS1

ping -W $TIMEOUT -I $IP2 -c 1 $GW2 > /dev/null 2>&1
RETVAL=$?

if [ $RETVAL -ne 0 ]; then
echo $NAME2 Down
CPS2=1
else
CPS2=0
fi

if [ $LPS2 -ne $CPS2 ]; then
echo Ping status changed for $NAME2 from $LPS2 to $CPS2
COUNT2=1
else
if [ $LPS2 -ne $LLS2 ]; then
COUNT2=`expr $COUNT2 + 1`
fi
fi

if [[ $COUNT2 -ge $SUCCESSREPEATCOUNT || ($LLS2 -eq 0 && $COUNT2 -ge $FAILUREREPEATCOUNT) ]]; then
echo Uptime status will be changed for $NAME2 from $LLS2
CLS2=0
COUNT2=0
if [ $LLS2 -eq 1 ]; then
LLS2=0
else
LLS2=1
fi
else
CLS2=1
fi

LPS2=$CPS2

if [[ $CLS1 -eq 0 || $CLS2 -eq 0 ]]; then
if [[ $LLS1 -eq 1 && $LLS2 -eq 0 ]]; then
echo Switching to $NAME2
ip route replace default scope global via $GW2 dev $EXTIF2
elif [[ $LLS1 -eq 0 && $LLS2 -eq 1 ]]; then
echo Switching to $NAME1
ip route replace default scope global via $GW1 dev $EXTIF1
elif [[ $LLS1 -eq 0 && $LLS2 -eq 0 ]]; then
echo Restoring default load balancing
ip route replace default scope global nexthop via $GW1 dev $EXTIF1 weight $W1 nexthop via $GW2 dev $EXTIF2 weight $W2
fi
fi
sleep $SLEEPTIME
done

It seems to work pretty well so far. Just not sure how I'm going to start the script at this point. Wish I was better at writing init scripts.