ARTICLE

Ask Dr. UN*X Continued
Contributed by Brian Wilson in Network on 2006-03-13 16:04:08
Page 5 of 8

Adding the second line

Still with me? It should have been straightforward so far; adding the second line is when things get difficult.

After installing the new network card and getting it connected to DSL #2, you find that it's been assigned the address of 30.31.32.1 and the new DSL router is at 30.31.32.6.

Unless you made other changes, your system will probably continue to use DSL #1 as the default route and your routing table will now look like this. (I have also seen systems use the second line as the default router, I think it might be dependent on the distro.) 

# ip route
63.63.63.0/29 dev eth0 proto kernel scope link src 63.63.63.1
30.31.32.0/29 dev eth1 proto kernel scope link src 30.31.32.1
default via 63.63.63.6 dev eth0

If you are sitting at the console of your machine and your personal web server is configured to listen to all available interfaces, you can bring up a web browser on the console and surf to either http://63.63.63.1/ or http://30.31.32.1/; you will see your home page both places.

But what happens when your friend on the Internet tries to hit your page at its new address http://30.31.32.1/ ? The request comes in via DSL router #2, which passes it onto your new ethernet line (/dev/eth1).

The problem is that the system does not know how to route packets back to your friend's computer. Because no connection can be established, no page gets sent back.

On your computer, you can use the ping command to test connections. 

ping 63.63.63.1  test your own network interface on eth0
ping 30.31.32.1  test the interface on eth1
ping 63.63.63.6  test the router on dsl 1
ping 30.31.32.6  test the router on dsl 2
ping yahoo.com   see if you can reach the Internet

In each case you will see something similar to this: 

# ping 63.63.63.6
PING 63.63.63.254 (63.63.63.254) 56(84) bytes of data.
64 bytes from 63.63.63.254: icmp_seq=1 ttl=150 time=0.480 ms
64 bytes from 63.63.63.254: icmp_seq=2 ttl=150 time=0.481 ms
64 bytes from 63.63.63.254: icmp_seq=3 ttl=150 time=0.471 ms
.
.
.
(Hit control-c to end the test)

--- 63.63.63.254 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.471/0.477/0.481/0.018 ms

All these tests should still work without changing routing, including the one that hits yahoo.com out on the Internet. Traffic bound for the Internet continues to use the default route on DSL #1.



Article Index
Ask Dr. UN*X Continued
Just what is routing?
Where do the IP addresses come from?
Revealing your routing tables
Adding the second line
How can I have two default routes?
Making the new commands sticky
Further resources
 
Discussion(s)
Great intro - but I've having an annoyi
Written by brighton36 on 2006-03-18 00:52:00
I've been using a multipath routing setup for my office for a while now. SO far, its been largely ok. The problem is that with some types of traffic my connections that should be established, oddly cease to be . SSH and IM are the two biggies. Its very frustrating. My guess is that the route tables are cleaned up, and the existing , established connection is attempted to connect out the alternate line that it was previously set at. Does anyone have this problem? Any ideas as to how to fix this? I've seen a number of other people ask in different forums, but no great solutions have been forthcoming.
Discuss! Reply!

thanks!
Written by kris on 2006-04-07 18:16:47
I just want to thank you people for writing so comprehensive and knowledgeable. All the other guides have been great; will read this one in a bit.

thanks for the effort! :)
Discuss! Reply!

good, simple info
Written by richard on 2006-03-27 20:36:27
Good to see a simple exlanation of what's going on. I'm setting up two ADSL connections to service my network through a router running FC4. I've got the routes part working (i hope) but I'm wondering how I can firewall both connections. I get the second ADSL modem today so I can see if the routing is working but I would appreciate some help on what I need to do re the firewall. I'm currently using firewall=iptables which is working fine but only has settings for one external and one internal interface. Can I set up a second external interface in the one script and duplicate the rules as required or should I set up a second firewall script? Any tips welcome
Discuss! Reply!