Date:      Mon, 30 Apr 2001 21:25:42 -0700
From:      "Ted Mittelstaedt" <tedm@toybox.placo.com>
To:        "Ken Bolingbroke" <hacker@bolingbroke.com>
Cc:        <questions@FreeBSD.ORG>
Subject:   RE: Redundant Internet connections
Message-ID:  <000201c0d1f6$c8c53020$1401a8c0@tedm.placo.com>
In-Reply-To: <Pine.BSF.4.21.0104290057220.87921-100000@fremont.bolingbroke.com>

>-----Original Message-----
>From: Ken Bolingbroke [mailto:hacker@bolingbroke.com]
>Sent: Sunday, April 29, 2001 1:39 AM
>To: Ted Mittelstaedt
>Cc: questions@FreeBSD.ORG
>Subject: RE: Redundant Internet connections
>
>
>
>On Sat, 28 Apr 2001, Ted Mittelstaedt wrote:
>
>> >Given a FreeBSD box with _two_ independent connections to the internet,
>> >and also serving as the gateway to a third, private network, how would I
>> >configure it to use both Internet links as "default" routes?
>>
>> You don't.  The concept of a "default route" always mandates that on a
>> single host that a SINGLE connection exists to "The Internet"
>
>Hmm, well, RFC 1123, W. Richard Stevens, Solaris, & Irix would seem to beg
>to differ with you there.
>
>Take Solaris, for example:
>
> # netstat -rn
>
> Routing Table: IPv4
>   Destination           Gateway           Flags  Ref   Use   Interface
> -------------------- -------------------- ----- ----- ------ ---------
> 10.211.0.0           10.211.0.8            U        1   8404  hme0
> 224.0.0.0            10.211.0.8            U        1      0  hme0
> default              10.211.0.1            UG       1  10163
> default              10.211.0.2            UG       1      0
> 127.0.0.1            127.0.0.1             UH      474994476  lo0
>

[wearily]

Yes, this proves exactly what I just said - in the above example only a
SINGLE route exists to "The Internet" (AKA The Outside, whatever you want
to say)

Note that the "Use" parameter shows that the route to 10.211.0.2 has not had
traffic sent out on it.  In short, the system has only a single default
route.

Sure, you can add as many routes to 0.0.0.0 as you want - but only one is
used at a time, only one is thus the "default"

>RFC 1123 mentions having a _list_ of default gateways several times, for
>example:
>
>  o    ipOutNoRoutes
>
>              This object counts datagrams discarded because no route
>              can be found.  This may happen in a host if all the
>              default gateways in the host's configuration are down.
>
>Especially note the part where it says, "...all the default gateways in
>the host's configuration..."
>
>Now granted, it would seem that FreeBSD doesn't conform to RFC and
>accepted practice in other OSen in this respect, but it _is_ possible to
>have multiple default routes.
>

no, no, NO!!!

You can have multiple routes to "default" gateways but only ONE route is
used as the "default" in the system AT A TIME.  When it's active, all other
"default" entries are inactive, thus they are NOT "the default".

Note that I'm speaking of all this conceptually - not practically.  You
cannot implement a practical solution until you understand the concepts.

>Heck, even Windows9x allows you to enter multiple default gateways.  Now
>_that_ is embarrassing. :-(
>

Yes, but only ONE is in use at any given time.

>
>>  I would
>> >prefer one over the other, but need it to fall back to the second if the
>> >first goes offline.
>> >
>>
>> In this case the "preferred" route _is_ the "default route" and the
>> "non-preferred" route is _not_ the "default route".  In the event that
>> the default route goes offline, then what you apparently want to have
>> happen is that this route _stops_ being the default route, and the
>> non-preferred route _starts_ being the default route.
>>
>> You may think all this is semantics,
>
>No, I don't particularly care about semantics.  Whether I have two default
>routes or one default route that automagically switches to the backup if
>the first dies, either way works.
>

This is the key idea to this entire discussion and you're brushing it aside?

>The main idea here is to have a persistent Internet connect.  I'm not
>trying to do load sharing or anything else fancy.  Just having a backup
>connection that promptly takes over if the primary dies.
>
>
>> But, if you have the money to spend on multiple ISP connections that
>> duplicate each other and you don't care that 99% of the time one of
>> the pipes is going to be wasted, why then you can implement this kind
>> of "default route switching" if you want, there's a number of ways to
>> do it.
>
>That's basically it, yes.  Care to share these ways you're referring to?
>

As I already stated I can't tell you anything useful unless you post the
connection details.  How are the connections being made?  ISDN, Frame,
Cable, DSL, T1, woodland fairies carrying the packets?  What?

>
>> for a DSL line.  You can read it at http://www.computerbits.com in the
>> Network Community section.  However, you WILL NOT be able to do this
>> with multiple ISPs, don't even waste time trying.
>
>That's out then, my connections are over different media to different ISPs
>(the idea is to avoid the single point of failure after all).
>
>
>> You need to give some more background, like what kind of links and so
>> on, that you have before anyone could assist here.  But, I can tell
>> you that I have a feeling that I know what you're trying to accomplish
>> and I also have a feeling that you don't understand all of the
>> ramifications of why it won't work for most applications.  I also
>> think that for the few apps that it would work for, that you're going to
>> have to have an awful icky hack on that FreeBSD system.
>
>Granted, I'm not as much of a routing expert as I'd like to be.  But you
>surprise me--wasn't the idea of redundant routes one of the fundamental
>concepts underlying the whole idea of the Internet?

It was and still is.

>And those redundant
>routes used to be implemented in individual hosts before we split those
>functions off into dedicated routers.

yes, yes,

>So essentially, I'm trying to
>duplicate what people were doing 20, 25 years ago.  Or at least, I think I
>am. :-)
>

20, 25 years ago the Internet was a lot smaller and as a practical matter IP
space was assigned DIRECTLY to the end-user.

Today, IP space is assigned directly to the ISPs who then _loan_ the use of
it to customers.  Without your own, portable IP space you are _severely
limited_ in what you can do.

>
>> My advice here is this:  In Internet Connectivity, people assume that
>>
>> "cheap unreliable high-speed ISP connection"
>> + "cheap unreliable high-speed ISP connection"
>>  = "reliable cheap high-speed connection"
>>
>> However, this is wrong.  There is no such beast as a CHEAP reliable
>> high-speed connection.  The three don't mix.
>
>:-)  Yes, I'd tend to agree with you in general.  One of my own axioms is
>"Cheap, Easy, Reliable:  Pick any two".
>
>However, if ISP A dies on Wednesday, ISP B takes over the slack.  If ISP B
>dies on Friday, ISP A is handling things anyway.  True, there's the chance
>that both ISPs will die on the same day, but the likelihood of that is
>definitely much lower than the likelihood of being without access
>altogether if you have only ISP A.  It doesn't guarantee 100% uptime, but
>it does get a lot closer at much less expense than it would cost for a
>99.95% SLA.
>
>And besides, it's a fun learning experience.  And therein lies the main
>attraction.  Just banging on this has already refreshed/enhanced my
>knowledge of routing tremendously. :-)
>

Then post the actual connection details so we can start talking practical
and stop talking theory.

Ted Mittelstaedt                      tedm@toybox.placo.com
Author of:          The FreeBSD Corporate Networker's Guide
Book website:         http://www.freebsd-corp-net-guide.com
