[clug] asymmetric routing

Chris Zhang chris.zhang.syd at gmail.com
Wed Aug 26 17:57:21 MDT 2009 

Hey Tridge,

Thanks for the iproute2 leads. I have a few questions regarding the rules,
would be grateful if you could please explain a bit further.

On Wed, Aug 26, 2009 at 10:29 PM, <tridge at samba.org> wrote:

> Hi Chris,
>
> I use asymmetic routing on my home server for similar reasons. I have
> a primary ADSL link, but I also have a backup 3G USB modem connected
> to the box (a cheap exetel $5/m account), and I want to be able to ssh
> into my home system if the main ADSL link is down. Without asymmetic
> routing that doesn't work as the server tries to send replies to the
> ssh traffic out the bad ADSL link.
>
> The solution I use is a script like this in /etc/ppp/ip-up.d/routes:
>
>  #!/bin/bash
>  # Called when a new interface comes up
>
>  IFACE="$1"
>  LOCALIP="$4"
>  REMOTEIP="$5"


Is the LOCALIP and REMOTE the PPP end points of your 3G connection and the
ISP end?


>
>  ip rule add from "$LOCALIP/32" lookup SECONDARY
>  ip route add default via "$REMOTEIP" dev "$IFACE" table SECONDARY
>  ip route flush table cache


Are these rules saying: If traffic is originating from the 3G public IP
going out of the computer
, lookup routing table SECONDARY; routing table SECONDARY has a default
gateway,
which is the other side of the 3G PPP endpoint, and to get there we use the
3G interface;
flush cache. ?

>
> then I have this in /etc/iproute2/rt_tables:
>
>  1 PRIMARY
>  2 SECONDARY


That means you have two seperate routing tables? PRIMARY and SECONDARY?
Sorry I have not used iproute2 like this before. Just had a quick read on
the LARTC
doco

>
> The end result is that if I ssh into the IP of my 3G link, reply
> packets come out via that link. All other traffic goes out the main
> link. This means I have a backup way into my server should the primary
> link be down.
>
> I have a script which starts the PPP link over the 3G modem and keeps
> it up. Each time it reconnects the above script fixes up the asymmetic
> routing.
>
> I know this isn't exactly what you asked for, but I thought it might
> be close enough to be useful.

I see your solution is directing traffic coming from a specific IP to reply
through to
a designated interface? which is the real asymetric routing. I guess my
problem is
more of splitting TCP traffic in two different routes. I think Miloska's
tunneling method
in theory does that, what do you think?

>
> Cheers, Tridge
>
Thanks, Chris

More information about the linux mailing list