Ask Dr. UN*X Continued - Linux Forums

Applications Desktop Installations Multimedia Misc Network Programming Reviews Security Servers

ARTICLE

Contributed by Brian Wilson in Network on 2006-03-13 16:04:08

This is the rest of the letter that Dr. UN*X is sending to Adrian about his question onto how can people connect to his system using the two DSL lines connected to it, read on to see the rest of the letter.

The first part of this article can be found here

Two networks = twice as much fun

Part 2. Routing two for DSL lines

A recap: I am responding this letter:

Dear Dr. UN*X,
I am currently using my Linux box as a server on the Internet, and it's all working fine. The installer program configured the network interface for me. I am currently using a single DSL line but now I have added a second line and I want remote sites to be able to connect to my system using either DSL line.
I have already installed a second network card, but the system does not see it. I checked the card maker's site and there are no Linux drivers for it!
I don't need to do anything fancy (yet) like load balancing, I just want to be able to support two outside IP addresses.
Where do I go from here?
--Adrian

Hopefully you were able to use part one of this article. If so, you now have a functioning network connection on each of your two DSL lines.

Adrian, you are setting up two lines so that your web server can be reached from two different DSL connections. You didn't say why in your email, but I am guessing you want redundancy and possibly more bandwidth to your server. Round robin DNS would be a simple approach to take once routing over both lines is working. Using multiple DSL lines is not as effective for increasing bandwidth for a single desktop system; I will talk about that later.

For the impatient

It has taken me a lot of work to get to to the point where I am comfortable working with Linux advanced routing. Let's see if I can sum things up for those of you who already understand basic routing. Then you can skip ahead to the section "Adding the second line"

With basic packet routing, there is only one routing table. The kernel choses the path for each packet by examining the destination address of that packet.

With advanced routing, you can create as many routing tables as you want using 'ip route' commands. By using 'ip rule' commands, you teach the kernel which routing table to use based on the source address of each packet. 'Advanced routing' is also called 'iproute2' or just 'iproute' in the Linux world.

That is it in a nutshell.

To get started with advanced routing you don't need to know anything about 'netfilter' (aka iptables). Netfilter can be used to build firewalls and to re-write the addresses in packets (NAT and MASQUERADE). Netfilter is a topic for another day.

Before we begin

Your system probably already has advanced routing built into the kernel; all the distributions that I use come with it. To configure it though, requires installation of a package of utilities so that you can configure the kernel.

Should you be building your own kernel, it needs to have the 'IP: Advanced router' and 'Network packet filtering' options turned on.

Whether the required utility package is installed or not depends on your distribution. The package is usually called 'iproute'. If you have the 'ip' command (look for the file '/sbin/ip') you already have it. Otherwise install the iproute package using the command appropriate for your distribution.

Next: Just what is routing?

Article Index
Ask Dr. UN*X Continued
Just what is routing?
Where do the IP addresses come from?
Revealing your routing tables
Adding the second line
How can I have two default routes?
Making the new commands sticky
Further resources

Discuss!

Discussion(s)

	Great intro - but I've having an annoyi
	Written by brighton36 on 2006-03-18 00:52:00
	I've been using a multipath routing setup for my office for a while now. SO far, its been largely ok. The problem is that with some types of traffic my connections that should be established, oddly cease to be . SSH and IM are the two biggies. Its very frustrating. My guess is that the route tables are cleaned up, and the existing , established connection is attempted to connect out the alternate line that it was previously set at. Does anyone have this problem? Any ideas as to how to fix this? I've seen a number of other people ask in different forums, but no great solutions have been forthcoming.
	Discuss! Reply!

	thanks!
	Written by kris on 2006-04-07 18:16:47
	I just want to thank you people for writing so comprehensive and knowledgeable. All the other guides have been great; will read this one in a bit. thanks for the effort! :)
	Discuss! Reply!

	good, simple info
	Written by richard on 2006-03-27 20:36:27
	Good to see a simple exlanation of what's going on. I'm setting up two ADSL connections to service my network through a router running FC4. I've got the routes part working (i hope) but I'm wondering how I can firewall both connections. I get the second ADSL modem today so I can see if the routing is working but I would appreciate some help on what I need to do re the firewall. I'm currently using firewall=iptables which is working fine but only has settings for one external and one internal interface. Can I set up a second external interface in the one script and duplicate the rules as required or should I set up a second firewall script? Any tips welcome
	Discuss! Reply!