HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


bAnDiTu 29th November 2012 14:32

3 Wan configuration problem
 
Hello,


I have a problem configuring 3 WAN connections on different NICs.
Description: 3 real IP addresses, with a different NIC for each.
Now I use the following script for it:
Code:

#!/bin/bash
### BEGIN INIT INFO
# Provides:          multi-wan
# Required-Start:    $remote_fs $syslog
# Required-Stop:    $remote_fs $syslog
# Default-Start:    2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Example initscript
# Description:      This file should be used to construct scripts to be
#                    placed in /etc/init.d.
### END INIT INFO

# Some things that run always
touch /var/lock/multi-wan

# Carry out specific functions when asked to by the system
case "$1" in
 start)
  echo "Starting script multi-wan "
  ;;
 stop)
  echo "Stopping script multi-wan"
  ;;
 *)
  echo "Usage: /etc/init.d/multi-wan.sh {start|stop}"
  exit 1
  ;;
esac

# CONFIGURATION
IP=/sbin/ip
PING=/bin/ping

#--------------- LINK PART -----------------
# EXTIFn - interface name
# EXTIPn - outgoing IP
# EXTMn  - netmask length (bits)
# EXTGWn - outgoing gateway
#-------------------------------------------

# LINK 1
EXTIF1=eth0
EXTIP1=192.168.0.2
EXTM1=27
EXTGW1=192.168.0.1

# LINK 2
EXTIF2=eth1
EXTIP2=89.165.182.226
EXTM2=27
EXTGW2=89.165.182.225

# LINK 3
EXTIF3=eth2
EXTIP3=89.165.182.227
EXTM3=27
EXTGW3=89.165.182.225

#ROUTING PART
# removing old rules and routes

echo "removing old rules"
${IP} rule del prio 50 table main
${IP} rule del prio 201 from ${EXTIP1}/${EXTM1} table 201
${IP} rule del prio 202 from ${EXTIP2}/${EXTM2} table 202
${IP} rule del prio 203 from ${EXTIP3}/${EXTM3} table 203
${IP} rule del prio 221 table 221
echo "flushing tables"
${IP} route flush table 201
${IP} route flush table 202
${IP} route flush table 203
${IP} route flush table 221
echo "removing tables"
${IP} route del table 201
${IP} route del table 202
${IP} route del table 203
${IP} route del table 221

# setting new rules
echo "Setting new routing rules"

# main table w/o default gateway here
${IP} rule add prio 50 table main
${IP} route del default table main

# identified routes here
${IP} rule add prio 201 from ${EXTIP1}/${EXTM1} table 201
${IP} rule add prio 202 from ${EXTIP2}/${EXTM2} table 202
${IP} rule add prio 203 from ${EXTIP3}/${EXTM3} table 203

${IP} route add default via ${EXTGW1} dev ${EXTIF1} src ${EXTIP1} proto static table 201
${IP} route append prohibit default table 201 metric 1 proto static

${IP} route add default via ${EXTGW2} dev ${EXTIF2} src ${EXTIP2} proto static table 202
${IP} route append prohibit default table 202 metric 1 proto static

${IP} route add default via ${EXTGW3} dev ${EXTIF3} src ${EXTIP3} proto static table 203
${IP} route append prohibit default table 203 metric 1 proto static

# multipath
${IP} rule add prio 221 table 221

${IP} route add default table 221 proto static \
          nexthop via ${EXTGW1} dev ${EXTIF1} weight 1\
          nexthop via ${EXTGW2} dev ${EXTIF2} weight 2\
          nexthop via ${EXTGW3} dev ${EXTIF3} weight 3

${IP} route flush cache
echo "Done !"

while : ; do
 ${PING} -c 1 ${EXTGW1}
 ${PING} -c 1 ${EXTGW2}
 ${PING} -c 1 ${EXTGW3}
 echo "Done !"
 sleep 60
done

But after a time the 3rd IP is not active; it cannot be accessed from outside.
And after reboot, I need to remove some IP rules and restart the script and networking.
I need a script or commands for configuring 3 WANs to be active.


Thank you in advance and sorry for my bad English!
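
An added check, not part of the original post and not the poster's code: the script's `rule add prio 20n from ${EXTIPn}/${EXTMn}` lines use the /27 netmask as the selector length, so this sketch reports any rule whose source range an earlier rule already covers. The function names (`ip2int`, `masked`, `shadowed_rules`, `post_rules`, `host_rules`) are hypothetical, the 201-203 inputs are the post's own values, and the /32 set is constructed for comparison.

```sh
#!/bin/sh
# Added example (not the poster's code): report "ip rule ... from ADDR/LEN"
# selectors that an earlier, lower-numbered rule already covers.

ip2int() {                      # A.B.C.D -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

masked() {                      # masked ADDR LEN -> ADDR with host bits cleared
    echo $(( $(ip2int "$1") & (4294967295 << (32 - $2)) & 4294967295 ))
}

# Reads "PRIO ADDR/LEN" lines on stdin; prints "PRIO shadowed-by EARLIER_PRIO".
# Rules are tried in ascending priority, and the kernel compares the packet
# source with the selector under the selector's mask, so host bits are ignored.
shadowed_rules() {
    seen=""
    sort -n | while read -r prio sel; do
        addr=${sel%/*}; len=${sel#*/}
        for e in $seen; do
            eprio=${e%%:*}; esel=${e#*:}
            eaddr=${esel%/*}; elen=${esel#*/}
            if [ "$elen" -le "$len" ] &&
               [ "$(masked "$addr" "$elen")" = "$(masked "$eaddr" "$elen")" ]; then
                echo "$prio shadowed-by $eprio"
                break
            fi
        done
        seen="$seen $prio:$sel"
    done
}

# The post's EXTIPn/EXTMn values as used in its "rule add prio 20n from" lines.
post_rules() {
    printf '%s\n' "201 192.168.0.2/27" "202 89.165.182.226/27" "203 89.165.182.227/27"
}

# Constructed comparison: the same addresses as /32 host selectors.
host_rules() {
    printf '%s\n' "201 192.168.0.2/32" "202 89.165.182.226/32" "203 89.165.182.227/32"
}

post_rules | shadowed_rules     # -> 203 shadowed-by 202
host_rules | shadowed_rules     # -> (no output)
```

With the post's values, a packet sourced from 89.165.182.227 already matches the prio 202 selector, and table 202 holds a default route via eth1 followed by a `prohibit` default, so the lookup never falls through to table 203.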

Mark_NL 14th December 2012 19:30

You're going oldskool! Install shorewall and let it take care of all that stuff.
I've done it your way as well some time ago, until I saw the light .. Shorewall Firewall!

See: http://www.shorewall.net/MultiISP.html

It's pretty straightforward. Define your "providers" (outgoing gateways) and set a priority to them, reload shorewall, done.

