This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

Router - Linux upload bonding using policy routing

From AAISP Support Site
Revision as of 10:03, 3 May 2013 by Farnz (talk | contribs) (Created page with "I'm using PPP on the Linux box - in my case via a Solos ADSL card, but this will also work using PPPoE. First, for convenience, name your extra routing tables by editing <tt>...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

I'm using PPP on the Linux box - in my case via a Solos ADSL card, but this will also work using PPPoE.

First, for convenience, name your extra routing tables by editing /etc/iproute2/rt_tables:

1       ppp0
2       ppp1

Add a script in /etc/ppp/ip-up.d and in /etc/ppp/ipv6-up.d to put the routes in the per-interface tables:

#!/bin/bash

ip -6 route replace default dev ${PPP_IFACE} table ${PPP_IFACE}

Run the following script on boot:

#!/bin/bash

# fwmark 1 is line 1
ip rule add fwmark 1 table ppp0 prio 40000
ip -6 rule add fwmark 1 table ppp0 prio 40000

# fwmark 2 is line 2
ip rule add fwmark 2 table ppp1 prio 40001
ip -6 rule add fwmark 2 table ppp1 prio 40001

# unmarked prefers line 1, then does line 2 if line 1 is not possible
ip rule add from all table ppp0 prio 50000
ip -6 rule add from all table ppp0 prio 50000
ip rule add from all table ppp1 prio 50001
ip -6 rule add from all table ppp1 prio 50001

This uses iproute2's ip command to set up policy routing rules; the first set give you a firewall mark per line. (rules at prio 40000 and 40001). The last block (rules at 50000 and 50001) ensure that even if you fail to set firewall marks for upstream line choice, your packets will still get out - it will just be non-optimal.

Finally, apply firewall marks in PREROUTING to choose your load balancing policy. For example:

for IPT in iptables ip6tables
do
    $IPT -A PREROUTING ! -i ppp+ -m statistic --mode nth --every 2 --packet 0 -j MARK --set-mark 1
    $IPT -A PREROUTING ! -i ppp+ -m statistic --mode nth --every 2 --packet 1 -j MARK --set-mark 2
done

simply load balances by alternating packets on each line.