Kristian, Thanks for the response. I'm going to debug the DNS issue and then fiddle more with the multiple routes & patches once I have a box again that I can really screw up. Should be a couple of days.
My options at this point appear to be - gated, or the like - dead route detection using ARP -- kernel patch - policy-based routing Regards, rb Ron Byer Jr. NetWeave Integrated Solutions, Inc. +1.732.786.8830 x120 -----Original Message----- From: Kristian Kielhofner [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 08, 2008 4:26 PM To: AstLinux Users Mailing List Cc: [EMAIL PROTECTED] Subject: Re: [Astlinux-users] Multiple external interfaces/multiple defaultroutes On 10/7/08, Philip Prindeville <[EMAIL PROTECTED]> wrote: > Just read up the man page for route(8). > > Seems the metric isn't actually used by the kernel. Oh, well. > > Which means that we'll have to run some sort of daemon like gated instead. > > > -Philip > It's been a while since I've dealt with any of this in Linux (AstLinux or otherwise). However, here's what is supposed to happen... If you define EXT2IF and EXT2GW, the kernel will insert both default routes with equal cost. The kernel is supposed to handle (!!!?!???!?) these two default routes, with the ability to detect when one is dead with the following patch: http://www.ssi.bg/~ja/#routes Huge limitation... It depends on ARP failures (I think) to detect a failed gateway, which means it's only going to detect a completely failed link or gateway. More bad news? All of this lives as "magic" in the kernel with nothing more than a few /proc bits to twiddle. I haven't followed up on it much because I've been looking for something much better... I've been experimenting with policy based routing, classifying traffic with ip, iptables, etc. All of the other places I need to do this in my life are running IOS (a completely different beast)! This reminds me - we really need to update everything NOT to use ifconfig, route, netstat, etc and use the iproute2 tools instead. They really work much better (I've been using "ip" more myself lately)... I didn't notice that DNS lookups were broken. Perhaps you've got one providers DNS servers in resolv.conf and the kernel is using the other link to get there? If your provider is doing any DNS filtering that might explain that failure. Use some generic DNS servers like 4.2.2.1, 4.2.2.2, etc and see what happens... -- Kristian Kielhofner http://blog.krisk.org ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG. Version: 7.5.523 / Virus Database: 270.7.6/1712 - Release Date: 10/7/2008 9:41 AM ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
