Slackware Routing: configuring network interfaces, adding persistent routes, routing for multiple uplinks, policy based routing



Adding persistent routes, routing with multiple gateways in Slackware is not a well described procedure that you can easily find in the internet. Even on official web page (http://www.slackware.com/config/network.php) there is no info about setting the routes up. This article represents the Slackware routing configuration, including network interfaces configuration, adding persistent routes and policy based routing for multiple uplinks.

The topology below shows the realistic scenario when there are two uplinks from routers R1 and R2 and the goal is to provide the server availability from these uplinks.


First, configure the network interfaces:

exsentis@SlackFW:~$ sudo nano /etc/rc.d/rc.inet1.conf


# Config information for eth0:
IPADDR[0]="10.163.30.1"
NETMASK[0]="255.255.255.0"
USE_DHCP[0]=""
DHCP_HOSTNAME[0]=""

# Config information for eth1:
IPADDR[1]="10.163.20.1"
NETMASK[1]="255.255.255.0"
USE_DHCP[1]=""
DHCP_HOSTNAME[1]=""

# Default gateway IP address:
GATEWAY="10.163.30.2"

Sure enough, it is possible to define two gateways but a little bit later on. Now a network service should be restarted.

exsentis@SlackFW:~$ sudo /etc/rc.d/rc.inet1 restart

It's time to configure static routes for uplinks to R1 and R2 routers. For that /etc/rc.d/rc.local should be edited. This is a script and below lines need to be added. In case of adding a static routes the configuration looks like below:

exsentis@SlackFW:~$ sudo nano /etc/rc.d/rc.local

#!/bin/sh
#
# /etc/rc.d/rc.local: Local system initialization script.
#
# Put any local startup commands in here. Also, if you have
# anything that needs to be run at shutdown time you can
# make an /etc/rc.d/rc.local_shutdown script and put those
# commands in there.

/sbin/ip route add 1.1.1.0/24 via 10.163.30.2
/sbin/ip route add 2.2.2.0/24 via 10.163.20.2
exit 0

But the task is to definŠµ two default gateways as such, so the configuration should look like:

/sbin/ip route default via 10.163.30.2
/sbin/ip route default via 10.163.20.2
exit 0

But it is not the end now. Suppose we have a gateway and the packets enter that gateway from IP address 192.168.1.20. The packets from that gateway should be sent to another gateway on 10.1.0.1. To do that we need to use a policy routing (PBR) - routing based on some policy. To manage the network interfaces, routing and shaping there is a bulit in kernel utility called iproute2. The configuration file (table content) is in /etc/iproute2/rt_tables. For this example we must create the table with a single rule:

# ip route add default via 10.1.0.1 table 120

Now we create the rule sending the necessary packet into the specified table.

# ip rule add from 192.168.1.20 table 120

To make things clear lets get back to our topology. As a default route only one router (ISP) is used, no matter what is - R1 or R2. There will be requests from another router (ISP) but the response packets will go to the default gateway and thus this scenario will fail.

To slove this configure the following:

1. Define a tables:

echo "1 route1" >> /etc/iproute2/rt_tables
echo "2 route2" >> /etc/iproute2/rt_tables

exsentis@SlackFW:~$ sudo /sbin/ip rule add from 10.163.30.1 table route1
exsentis@SlackFW:~$ sudo /sbin/ip rule add from 10.163.20.1 table route2

2. Define rules:

exsentis@SlackFW:~$ sudo /sbin/ip route add default via 10.163.30.2 table route1
exsentis@SlackFW:~$ sudo /sbin/ip route add default via 10.163.20.2 table route2

To check configured rules:

exsentis@SlackFW:~$ sudo /sbin/ip rule
0: from all lookup local
32764: from 10.163.20.1 lookup route2
32765: from 10.163.30.1 lookup route1
32766: from all lookup main
32767: from all lookup default

To check the content of /etc/iproute2/rt_tables:

exsentis@SlackFW:~$ sudo cat /etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep



1 route1
2 route2


3. Load Balancing between uplinks

exsentis@SlackFW:~$ sudo /sbin/ip route replace default scope global \
nexthop via 10.163.30.2 dev eth0 weight 1 \
nexthop via 10.163.20.2 dev eth1 weight 1

This entry will replace the current default-routing in the table main. So the route will be selected depending on the weight of the gateway. For example, if you specify weights 7 and 3, 70% of the connections will pass through the first gateway, and 30% via the second one.

To clear the route cache:

exsentis@SlackFW:~$ sudo /sbin/ip route flush cache

Comments

Post a Comment

Popular posts from this blog

VNC Server Startup after System Reboot on Ubuntu 16.04

Image
There are dozen of guides how to install VNC server on Ubuntu System. But the main problem is that the VNC server doesn’t startup after reboot. And in this video we gonna try to fix that problem. In our case it’s a Ubuntu 16.04.3 Desktop.   First of all we need to install desktop environment packages the VNC will be using for the remote connections:     $ sudo apt-get install gnome-panel gnome-settings-daemon metacity nautilus gnome-terminal Then lets install TightVNC server:     $ sudo apt-get install tightvncserver To complete the initial setup of the VNC server after installation, we should use the vncserver command to set a secure password and create the initial configuration files: $ vncserver We will be prompted to enter and confirm a password for remote access to the system. After confirming the password, you can create a password for viewing only. Users logged in with a view-only password will not be able to control the VNC ser
Read more