Posted by sphaero on Mon 27 Mar 2006 at 08:25
Debian suits perfectly for use as a gateway for computers on your LAN. However once bandwidth usage grows it could be handy to just add another internet uplink to your gateway. Debian does not cater for this out of the box so this document describes how to setup your debian gateway for multiple uplinks.
The whole setup is based on the Linux Advanced Routing & Traffic Control HOWTO http://lartc.org/howto/
The most important and only package we need is `iproute`
apt-get install iproute
The iproute package is a tool to talk to more advanced routing capabilities of the linux kernel. I suggest you read the man page and the howto mentioned above. Some basic theory of iproute is that it does it routing through tables just like iptables does. It determines what table to route through based on rules you define.
As an example I have 2 uplinks to the internet. The first uplink device eth1 has ipaddress 1.0.0.1/24 and gateway 1.0.0.2. The second uplink device eth2 has ip 2.0.0.1/24 and gateway 2.0.0.2.
First we will define the tables. We do this by editing /etc/iproute2/rt_tables which looks like this:
# # reserved values # 255 local 254 main 253 default 0 unspec # # local # #1 inr.ruhepIn this file we append a new table name with an unique number for every uplink.
# # reserved values # 255 local 254 main 253 default 0 unspec # # local # #1 inr.ruhep 200 uplink1 201 uplink2We can now focus on setting up the interfaces file. Setup /etc/network/interfaces like this.
auto lo
iface lo inet loopback
auto eth0
#LAN interface
iface eth0 inet static
address 10.0.0.1
netmask 255.255.255.0
#Uplink1
auto eth1
iface eth1 inet static
address 1.0.0.1
netmask 255.255.255.0
post-up ip route add 1.0.0.2/32 dev eth1 src 1.0.0.1 table uplink1
post-up ip route add default via 1.0.0.2 table uplink1
post-up ip rule add from 1.0.0.1 table uplink1
post-down ip rule del from 1.0.0.1 table uplink1
#Uplink2
auto eth2
iface eth2 inet static
address 2.0.0.1
netmask 255.255.255.0
post-up ip route add 2.0.0.2/32 dev eth2 src 2.0.0.1 table uplink2
post-up ip route add default via 2.0.0.2 table uplink2
post-up ip rule add from 2.0.0.1 table uplink2
post-down ip rule del from 2.0.0.1 table uplink2
You are now ready to bring the interfaces up.
ifup -aThere is no default gateway at this moment. We want to balance traffic over both uplinks. The following command will set this up.
ip route add default scope global nexthop via 1.0.0.2 dev eth1 weight 1 nexthop via 2.0.0.2 eth2 weight 1As stated in the howto mentioned above "The weight parameters can be tweaked to favor one provider over the other".
We have now setup our gateway for multiple uplinks. An other benefit of this setup is that the gateway responds through the same uplink as external traffic originated from.
Remember the balancing of the uplinks is route based and routes are cached. You will not get double bandwidth when downloading a file. You can flush the route cache with ‘ip route flush cache'. The uplink balancing is not perfect but to get a better solution you need to patch and recompile the kernel. Have a look at the patches provided by Julian Anastatov. http://www.ssi.bg/~ja/#routes
This article can be found online at the Debian Administration website at the following bookmarkable URL (along with associated comments):
This article is copyright 2006 sphaero - please ask for permission to republish or translate.