mnw21cam
asked on
I want to choose my source address
I have a linux (kernel 2.4) machine with several network interfaces:
interface IP address
lo 127.0.0.1
lo:0 10.0.3.9
ppp0 dynamic
ppp1 10.2.3.9
ppp2 10.252.3.9
Normally, when a program does something outgoing in the IP world, it chooses a source IP address from the interface that will route to the destination IP address. This causes problems for me, because ppp1 and ppp2 are unreliable, so a TCP connection may die because the machine suddenly no longer has the address 10.2.3.9, regardless of whether I can set up routing tables to get the packet to the right machine.
Instead, I want to have the source address chosen from the following table:
destination source
10.x.x.x 10.0.3.9
127.x.x.x 127.0.0.1
x.x.x.x dynamic (ppp0)
Is this possible under linux?
(Sorry, I only have 75 points at the moment - until next month)
interface IP address
lo 127.0.0.1
lo:0 10.0.3.9
ppp0 dynamic
ppp1 10.2.3.9
ppp2 10.252.3.9
Normally, when a program does something outgoing in the IP world, it chooses a source IP address from the interface that will route to the destination IP address. This causes problems for me, because ppp1 and ppp2 are unreliable, so a TCP connection may die because the machine suddenly no longer has the address 10.2.3.9, regardless of whether I can set up routing tables to get the packet to the right machine.
Instead, I want to have the source address chosen from the following table:
destination source
10.x.x.x 10.0.3.9
127.x.x.x 127.0.0.1
x.x.x.x dynamic (ppp0)
Is this possible under linux?
(Sorry, I only have 75 points at the moment - until next month)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Though it took me absolutely ages to find any documentation at all on iproute2.
For anyone who is interested, it's available at http://snafu.freedom.org/linux2.2/docs/ip-cref/ip-cref.html
For anyone who is interested, it's available at http://snafu.freedom.org/linux2.2/docs/ip-cref/ip-cref.html
Yeah, the docs kinda suck - be glad your solution doesn't call for the use of 'tc' traffic-shaping command (another super-cool, horribly documented tool in the iproute2 set).
IIRC, the advanced routing howto talks about iproute2 quite a bit...
Problem solved, or do you need some examples?
Cheers,
-Jon
IIRC, the advanced routing howto talks about iproute2 quite a bit...
Problem solved, or do you need some examples?
Cheers,
-Jon
ASKER
Problem solved. Cheers.
I had actually been investigating tc for solving some other problems, but I'll deal with that later.
I had actually been investigating tc for solving some other problems, but I'll deal with that later.
BTW, the ip rule command isn't that bad - you just need to realize that you will prob want to have at least two routing tables, and use appropriate 'ip rule' commands to select between them. You could also use fwmark as part of your criteria (in addition to the src address - actually, src address-based routing can also be realized with the appropriate use of the fwmark rule). IMO, the biggest problem with the iproute2 tools is there are often a few different way to do what you want, but no one gives exmaples for any of them, or talks about why one way would be better than another.
-Jon
-Jon
ASKER
Problem solved. Cheers.
I had actually been investigating tc for solving some other problems, but I'll deal with that later.
I had actually been investigating tc for solving some other problems, but I'll deal with that later.
BTW, if you need some 'tc' examples, I think I can dig up some of those as well ('tc' is super-handy for dedicating a certain small amount of bandwidth for latency-sensitive apps like telnet or ssh).
Cheers,
-Jon
Cheers,
-Jon
ASKER
I only need one routing table at the moment, thank goodness, since I don't need to route according to source IP address. I only need to choose the source address I use.
ASKER
Oh, here you go. I think I'm getting the hang of these new commands. They're not actually that bad - once you have found the doc.
BTW, when you make adjustments to the routing config using 'ip rule', I've found that issuing this command:
echo 1 > /proc/sys/net/ipv4/route/f
causes the changes to take effect immediately (don't worry - it doesn't flush the route table, just the route cache)
I've noticed that policy routing changes often take quite some time to take effect [presumably the route cache time out on its own] unless the route cache is cleared using the above command.
-Jon
echo 1 > /proc/sys/net/ipv4/route/f
causes the changes to take effect immediately (don't worry - it doesn't flush the route table, just the route cache)
I've noticed that policy routing changes often take quite some time to take effect [presumably the route cache time out on its own] unless the route cache is cleared using the above command.
-Jon
Glad you found your solution (and thx for the pts).
Feel free to post back here if you need additional help.
Cheers,
-Jon
Feel free to post back here if you need additional help.
Cheers,
-Jon
ASKER
Indeed - I have just been able to set it up so that it works. Now I just need to put it all into a script.