LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 07-06-2008, 01:57 PM   #1
cusco
LQ Newbie
 
Registered: Mar 2005
Location: Portugal
Distribution: Debian
Posts: 15

Rep: Reputation: 0
Debian with two internet connections - one of the routes take long to ...


Hello! I have two internet connections but with one I cannot access the outside internet, only the intranet

here are my routes:
Code:
tretas:~# time route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 ath1
192.168.0.0     *               255.255.255.0   U     0      0        0 eth1
default         192.168.0.1     0.0.0.0         UG    0      0        0 eth1
default         192.168.1.254   0.0.0.0         UG    0      0        0 ath1

real    0m10.392s
user    0m0.008s
sys     0m0.000s
Pinging both gateways:
Code:
tretas:~# ping 192.168.1.254
PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data.
64 bytes from 192.168.1.254: icmp_seq=1 ttl=64 time=5.18 ms
64 bytes from 192.168.1.254: icmp_seq=2 ttl=64 time=4.67 ms
64 bytes from 192.168.1.254: icmp_seq=3 ttl=64 time=5.18 ms

--- 192.168.1.254 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 4.673/5.014/5.186/0.241 ms


tretas:~# ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=0.749 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=255 time=0.597 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=255 time=0.605 ms

--- 192.168.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.597/0.650/0.749/0.072 ms
Using curl with both interfaces:
Code:
cusco@tretas:~$ time curl checkip.dyndns.org
<html><head><title>Current IP Check</title></head><body>Current IP Address: 81.109.221.223</body></html>

real    0m3.738s
user    0m0.012s
sys     0m0.012s


cusco@tretas:~$ time curl checkip.dyndns.org --interface eth1
<html><head><title>Current IP Check</title></head><body>Current IP Address: 81.109.221.223</body></html>

real    0m0.778s
user    0m0.020s
sys     0m0.008s


cusco@tretas:~$ time curl checkip.dyndns.org --interface ath1
curl: (28) connect() timed out!

real    5m0.027s
user    0m0.008s
sys     0m0.016s
But as root:
Code:
tretas:~# time curl checkip.dyndns.org
<html><head><title>Current IP Check</title></head><body>Current IP Address: 81.109.221.223</body></html>

real    0m0.719s
user    0m0.016s
sys     0m0.012s

tretas:~# time curl checkip.dyndns.org --interface ath1
<html><head><title>Current IP Check</title></head><body>Current IP Address: 86.147.151.252</body></html>

real    0m0.602s
user    0m0.012s
sys     0m0.020s

tretas:~# time curl checkip.dyndns.org --interface eth1
<html><head><title>Current IP Check</title></head><body>Current IP Address: 81.109.221.223</body></html>

real    0m5.680s
user    0m0.012s
sys     0m0.020s

My objective is to make squid go out on ath1 as defined in the conf and everything else use eth1

maybe you guys can help me...

thanks
 
Old 07-06-2008, 02:04 PM   #2
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
You have two default routes.

Delete the one that does not go outbound to the Internet.
 
Old 07-06-2008, 02:18 PM   #3
cusco
LQ Newbie
 
Registered: Mar 2005
Location: Portugal
Distribution: Debian
Posts: 15

Original Poster
Rep: Reputation: 0
Question

Quote:
Originally Posted by cusco View Post
But as root:
Code:
tretas:~# time curl checkip.dyndns.org
<html><head><title>Current IP Check</title></head><body>Current IP Address: 81.109.221.223</body></html>

real    0m0.719s
user    0m0.016s
sys     0m0.012s

tretas:~# time curl checkip.dyndns.org --interface ath1
<html><head><title>Current IP Check</title></head><body>Current IP Address: 86.147.151.252</body></html>

real    0m0.602s
user    0m0.012s
sys     0m0.020s

tretas:~# time curl checkip.dyndns.org --interface eth1
<html><head><title>Current IP Check</title></head><body>Current IP Address: 81.109.221.223</body></html>

real    0m5.680s
user    0m0.012s
sys     0m0.020s
They both outbound to the internet


All I want is squid to go out trough gateway 192.168.1.254

What route rules should I add?
 
Old 07-06-2008, 03:20 PM   #4
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
Linux provides the ability for a network app to bind to a particular interface, but only as a privileged user. This is why your test works as root only. And it has to be implemented specifically by the application.

In general, applications do not select the interface used to send traffic - this is a function of the kernel and the routing tables.

You can configure some server applications to listen only on certain interfaces, but not in general tell them where to send packets.

If you want general control over this type of routing, you need iproute2 (ip2) for advanced policy routing.

Without that, you need 1 and exactly 1 default route. It is the route used by that routing machinery when no other specific route matches. In otherwords, the stations hands the packet to the next hop down the line.
 
Old 07-06-2008, 05:31 PM   #5
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Probably a good place to start:
http://tldp.org/HOWTO/Adv-Routing-HO...ple-links.html
 
Old 07-07-2008, 12:53 PM   #6
cusco
LQ Newbie
 
Registered: Mar 2005
Location: Portugal
Distribution: Debian
Posts: 15

Original Poster
Rep: Reputation: 0
I have installed iproute and I have been at the website that chort refers to previously.


Code:
tretas:~# ip route show table help
Database /etc/iproute2/rt_tables is corrupted at ip route add 192.168.0.0/24 dev eth1 src 192.168.0.5 table T1
...
My /etc/iproute2/rt_tables reads as follows:
Code:
tretas:~# cat /etc/iproute2/rt_tables
#
# reserved values
#
255     local
254     main
253     default
0       unspec
#
# local
#
#1      inr.ruhep

ip route add 192.168.0.0/24 dev eth1 src 192.168.0.5 table T1
ip route add default via 192.168.0.1 table T1
ip route add 192.168.1.0/24 dev ath1 src 192.168.1.65 table T2
ip route add default via 192.168.0.254 table T2
--

I know applications follow always the kernel default route, but if told to, many applications bind to certain interface.

In my case Squid has an option - tcp_outgoing_address - that is exactly what I want. Squid doesn't run as root as I think it could be unsafe at some point, so it will only timeout.

--

Now I was trying aagain to get my head around those ip route options but for now it still is too complicated for me.

Please, can somebody help me?
 
Old 07-07-2008, 01:58 PM   #7
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
Quote:
Originally Posted by cusco View Post
I know applications follow always the kernel default route, but if told to, many applications bind to certain interface.
Actually, no, they don't. Networking apps can configure on which addresses they *listen*; the kernel controls how packets are routed. Only in the special case as mentioned earlier can this be influenced.
Quote:
Originally Posted by cusco View Post
In my case Squid has an option - tcp_outgoing_address - that is exactly what I want. Squid doesn't run as root as I think it could be unsafe at some point, so it will only timeout.

Now I was trying aagain to get my head around those ip route options but for now it still is too complicated for me.

Please, can somebody help me?
We can't do the work for you. It is going to take time to get your "head around" all this stuff. In my opinion, anyone doing advanced routing needs to understand how to do basic packet capture, debug a config file, and present trial/error results to a public forum to get more help.

See if this is useful.

http://forums.theplanet.com/index.ph...0&#entry591205

I'm sure you'll find plenty of examples.
 
Old 07-07-2008, 05:43 PM   #8
cusco
LQ Newbie
 
Registered: Mar 2005
Location: Portugal
Distribution: Debian
Posts: 15

Original Poster
Rep: Reputation: 0
Red face

Quote:
Originally Posted by Mr. C. View Post
Only in the special case as mentioned earlier can this be influenced.
What was the special case that you are referring to?


Quote:
Originally Posted by Mr. C. View Post
See if this is useful.

http://forums.theplanet.com/index.ph...0&#entry591205

I'm sure you'll find plenty of examples.
I am (and was) more than satisfied with my knowledge about squid.

I know what I need to know regarding its configuration.

ROUTES is what I must learn more about.

Perhaps you can point me some documentation not to extensive to read as I think that what I want is not that advanced.
 
Old 07-07-2008, 05:56 PM   #9
cusco
LQ Newbie
 
Registered: Mar 2005
Location: Portugal
Distribution: Debian
Posts: 15

Original Poster
Rep: Reputation: 0
Also I think this is what I am supposed to have following http://tldp.org/HOWTO/Adv-Routing-HO...ple-links.html

Code:
tretas:~# ip route

192.168.1.0/24 dev ath0  scope link  src 192.168.1.65
192.168.0.0/24 dev eth1  proto kernel  scope link  src 192.168.0.5
default
        nexthop via 192.168.0.1  dev eth1 weight 1
        nexthop via 192.168.1.254  dev ath0 weight 1
tretas:~#


tretas:~# route -e

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     *               255.255.255.0   U         0 0          0 ath0
192.168.0.0     *               255.255.255.0   U         0 0          0 eth1
default         192.168.0.1     0.0.0.0         UG        0 0          0 eth1
but I cannot still go out trough interface ath0 or ip 192.168.1.65 (wich belongs to that interface)

--
additional info:

Code:
tretas:~# cat /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface

auto ath0
auto eth1

iface ath0 inet static
        wireless-essid BTHomeHub-F068
        wireless-key F22D019575
        wireless-channel 7
        address 192.168.1.65
        netmask 255.255.255.0
        gateway 192.168.1.254

iface eth1 inet static
        address 192.168.0.5
        netmask 255.255.255.0
        gateway 192.168.0.1
 
Old 07-07-2008, 05:58 PM   #10
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
Yes, that's right.

TCP/IP is a packet switching network. Packet switching is handled in the kernel, as directed by the route table. Applications create and open a socket to a remote connection; they do not specify how the packets get there, or which interface to use. The kernel handles this.

Documentation? I'll get you started; there's an entire web full of good sites:

http://cis68c2.mikecappella.com/file...re-routing.pdf
http://www.linux.org/docs/ldp/howto/NET3-4-HOWTO.html
http://www.linux.org/docs/ldp/howto/...iew-HOWTO.html

and chort gave you a good ip2 link. I can't do the "not too extensive to read" filtering for you. That's like asking me if you should wear a coat outside because you're not sure if it is too cold!
 
  


Reply

Tags
network interface


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Static routes using routes/ifroutes-eth-id.. files and default gateway disabled TimtheEagle Linux - Networking 0 05-31-2008 07:08 PM
Making Connections Takes Too Long LinuxCrayon Linux - Networking 4 02-10-2008 02:59 PM
Routes, Intranet, and Internet unknownmosquito Linux - Networking 1 12-12-2007 07:35 PM
Merge two internet connections on Debian ALInux Linux - Networking 1 02-02-2006 01:40 PM
debian - make routes permanent codeape Debian 2 02-14-2004 01:18 PM


All times are GMT -5. The time now is 07:47 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration