|
Advanced Routing Problem
Hello to everyone out there ...
First of all I would want u to have a look at my Network : My Network : Here is a pictorial depiction of my network ..... ............Connection 1..............========== .....( a broadband ISP...............................| ......using PPPOE protocol..........................| .........runs on DHCP )...............................|===......|_Server ............................................................|===......|_Router....== 15+ Nodes ............................................................|===......|_Firewall. ............................................................|===......|_Mail/FTP ............................................................| ............................................................| ............................................................| ..........Connection 2................========== .....( a cablenet service ISP .......using Cyberoam Protocol ..........runs on a static ip ) where a single machine is to perform routing, firewalling,FTP and Mail, obviously the FTP and Mail are on a very small scale basis they wont be used much and the machines main task at hand would be routing. As you can see my problem begins with the type of network setup itself here is how : 1. The first connection is a Broadband ISP connection and it uses the PPPOE ( Emulation of a hardware ethernet card as a modem ) they have a Dailer - Login Client of their own which authenticates the net connection at runtime. 2. The second connection is a cablenet service provider who strictly swears by his Cyberoam Server setup -- Here too i have to use their login client to authenticate a session and access the Net. This guy uses a static ip to provide me with bandwidth. The Big Question : Can I have a setup using Fedora core 2 as a router which performs the following tasks 1. Routes traffic from both the bandwidths to the internal network interface so that the combined bandwidth can be consumed by the 15+ user nodes. 2. Also if one of the connection dies unexpectedly can there be a system that allows for the efficient routing of the remaining bandwidth to the local interface so that the end user feels no downtime. 3. Upon reconnection of the down ISP the router should auto-detect the bandwidth and auto reconnect to the ISP and thereby maintain a stable bandwidth. 4. Is it possibel to remote administrate such a setup. Thank you for all your help guys ( In advance ) PS : I belive in you guys to come up with the right solution i have grown tierd from listening to the concept of load balancing and its theroy I need a working solution and that too quick. |
This is part of the solution:
Quote:
Caveat: Netsane CANNOT provide ANY form of redundancy NOR robust failover. It simply affords a relatively easy way to configure multipath routing. Netsane itself will NOT detect dead upstreams, and will failover routes only in cases of direct failure (e.g., the interface is marked as 'down') |
Thank You for your patience - jymbo ! I checked out your suggestion and found it to be quite useful to me as i think it is what i am looking for ! but wait a second what about the remote administration part of the stuff ?? Is it possible to perform 100% remote admistration of the Fedora Box ! Also i would like to know whether I should switch over to the NetBSD kernel as it seems that Netsane is native to NetBSD but then again i feel that it heavily depends on the iproute and iptables structure .... which if i am not mistaken are native to fedora ! which much i choose ??? Also keep in consideration that my machine is a bit old and runs on a 266 Mhz and 128 Mb Ram and 10 Gb hdd Pentium.
Also let me know if i should consider slackware or any other kernel structure that will not load my system unnecesarily ! thank you once again .......! |
Is it possible to perform 100% remote admistration of the Fedora Box
Sure! I admin my FC2 box using ssh sessions. Also i would like to know whether I should switch over to the NetBSD kernel as it seems that Netsane is native to NetBSD but then again i feel that it heavily depends on the iproute and iptables structure .... which if i am not mistaken are native to fedora ! which much i choose ??? FC2 is based on the 2.6.x linux kernel - which (based on the posted netsane requirements) should work fine. Note: The following italicized output is me verifying the stated requirement on my FC2 box. 1) A modern generation Linux kernel (v2.4.0 or higher) with the following options enabled: CONFIG_IP_ADVANCED_ROUTER CONFIG_IP_MULTIPLE_TABLES CONFIG_IP_ROUTE_MULTIPATH # grep CONFIG_IP_ROUTE_MULTIPATH kernel-2.6.5-i586.config CONFIG_IP_ROUTE_MULTIPATH=y # grep CONFIG_IP_MULTIPLE_TABLES kernel-2.6.5-i586.config CONFIG_IP_MULTIPLE_TABLES=y # grep CONFIG_IP_ADVANCED_ROUTER kernel-2.6.5-i586.config CONFIG_IP_ADVANCED_ROUTER=y 2) Netsane relies upon iproute2 (netsane was developed using iproute2-ss010824), iptables and standard tools such as awk. # rpm -ql iproute /etc/iproute2 /etc/iproute2/rt_dsfield /etc/iproute2/rt_protos /etc/iproute2/rt_realms /etc/iproute2/rt_scopes /etc/iproute2/rt_tables /sbin/ifcfg /sbin/ip /sbin/rtmon /sbin/tc /usr/sbin/nstat /usr/sbin/rtacct /usr/sbin/rtstat /usr/sbin/ss etc... # rpm -q iptables iptables-1.2.8-13 # rpm -q iproute iproute-2.4.7-11 Also keep in consideration that my machine is a bit old and runs on a 266 Mhz and 128 Mb Ram and 10 Gb hdd Pentium. It's the applications you're planning to run on this box that will generate CPU/RAM overhead (like spamassassin), not the routing portion of your implementation. Especially if this is a low volume server. So you should be fine with your current hardware. FWIW: My firewall (which runs no applications at all) is based on the Leaf/Bering linux distro and runs on a measly P133 with 48MB of RAM and no harddrive, just 2 floppies. My DMZ server (which runs mail/web/ftp/rsync) is based on the FC2 distro and is a P400 with 128MB of RAM. The only problems I have with this system are RAM related, not CPU. Example: When some list server that I subscribe to releases a bunch of queued e-mail all at once. Spamassassin would bring this system to its knees. i.e. swap. To fix this problem, I simply configured my MTA (postfix) to only spawn 10 concurrent processes of Spamassassin. I also configured Apache accordingly. Also let me know if i should consider slackware or any other kernel structure that will not load my system unnecesarily ! Based on the above requirements, your FC2 disrto should work. At least its worth a try. Especially since netsane a shell script which has start/stop options. Good Luck! |
First of all ---- a big THANK YOU "scowles" for taking time off to answer my post !
Next ---- I will take your suggestion of sticking to my FC2 core, especially now that i am sure i can remote admin it using 100% functionality ( Some Idiot told me the other day that ssh is limited in functionality and that the keyboard and screen can never be replaced --- and i believed him !!! ) AND --- I am getting on to it right away -- before that can someone guide me as to how to setup a pppoe connection ! i am not being supplied by the requsite linux based login client by my ISP -- "Hathway Infoservices" -- can you believe it those guys just shrugged their shoulders ! |
ok today i somehow managed to get my pppoe connection to my ISP up ! It was quite an adventure ... wow . I finally managed to get the login client of another ISP that provides linux clients and managed to get connected to my ISP. Still having frequent disconnects though, but plan to investigate it further ! will stop by for clues and answers when i get bogged down by the Micro$oft guys. They are constantly tempting me .....grhhhh.
|
Try this simple command line command
ip its an amazing utility to configure routing. We have a similar setup as yours where we are getting internet connection from 3 ISP's on 3 different media and we are routing the connection to be used by 25 users on our network. The Routing box is a RH9 box and we have not had any problems till date. The linux box has been runing 24x7 since the last year. There are certain load balancing techniques that can be used to make the connections redundant. Though we have not configured them yet. Cheers http://www.linuxbrats.com |
| All times are GMT -5. The time now is 11:00 PM. |