Re: [Leaf-devel] Multiple upstream links
On Tuesday 13 August 2002 12:31, Charles Steinkuehler wrote: > Not that I have time to mess with this, but what's the current state > of the art regarding multiple upstream internet connections and > possible bandwidth sharing? I believe Shorewall has this support built-in from some posts a while back. I cannot say that anyone has reported back with a success as of yet though. > Has anyone tried anything similar with BGP (or similar routing > protocols)? It seems reasonable to expect a router that's not too > many hops away (ie the ISP, or the ISP's upstream provider) would be > running BGP, and while it's hopefully not possible to alter the route > list, it might be possible to import route information. If you could > do this on both links, and run BGP on the LEAF box, you could do > *REAL* load-balancing (or am I missing something major here? I don't > do much backbone type setup/config, so I could be completely > off-base). You would need to run Zebra to run BGP (or other WAN routing protocols) and there are several people doing this with some form of LEAF. The WAN routing protocols themselves do load-balancing, and I would assume that some form of clock syncing would also be necessary, so I think your up the right path. WISP is running OPSF and RIPv2 instead of Bridging. The big concern here is that you won't want to run the WAN routing protocols on the WAN side without implicit permission from your ISP(s), since your router will automatically update itself to internet WAN routers unless you limit the protocol to the LAN side. Eric Kiser is more of the Zebra-person among the present developers and has indicated that he is/will be working on an image along these lines. Hopefully this makes a little sense? -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] LVS and LRP
Hi folks Before I dive in and spend a bunch of time getting the varios LVS tools (mon, heartbeat, fake and so forth) packaged for Bering, has anybody done any of this sort of thing before? Links to packages? Gotchas? Cheers Si --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Multiple upstream links
Hi - On Tue, Aug 13, 2002 at 12:31:22PM -0500, Charles Steinkuehler wrote: >Not that I have time to mess with this, but what's the current state of >the art regarding multiple upstream internet connections and possible >bandwidth sharing? I saved this posting from the netfilter list, I think it answers your question. Regards, // George Date: Tue, 2 Jul 2002 22:29:16 -0400 From: John Adams <[EMAIL PROTECTED]> Subject: Re: 2 ISPs on firewall To: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] On Tuesday 02 July 2002 09:53 pm, Matthias Kattanek wrote: > There seems to be lots of question about multihomed firewall/routers. > I am in similiar situation. Having 2 ISP, where to provide services too. > > I managed to forward traffic to e.g. a web server in the DMZ zone. > Main problem I encounter is that the response is always going out > via the DEFAULT gateway on the router. > (In my case one ISP doesn't like it and drops the response.) > > I was under the impression that connection tracking of Netfilter keeps > "track" which interface the traffic came in and anticipated it would go > out the same route it came from. > > What am I missing here? > What does it take to make it happen? > Do I just need additional rules for Netfilter? > Would something like "ip_conntrack_isp" work out? Understood such module > needs to be developed. Q just arises is that a way to go? Here's a script I use with iproute2. It gives two default routes with different weightings for different speed lines. johna GATEWAY0=216.254.97.1 GATEWAY1=65.185.37.22 NIC0=216.254.97.15 NIC1=65.185.37.21 route del default ip route add 0.0.0.0/0 via $GATEWAY0 table E0 ip route add 0.0.0.0/0 via $GATEWAY1 table E1 ip rule add from $NIC0 table E0 ip rule add from $NIC1 table E1 ip route add default scope global \ nexthop via $GATEWAY0 weight 6 \ nexthop via $GATEWAY1 weight 1 ip route flush cache -- GEORGE GEORGALIS, System Admin/Architectcell: 347-451-8229 Security Services, Web, Mail,mailto:[EMAIL PROTECTED] File, Print, DB and DNS Servers. http://www.galis.org/george --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] Multiple upstream links
Not that I have time to mess with this, but what's the current state of
the art regarding multiple upstream internet connections and possible
bandwidth sharing?
At the moment, I have a work-related SDSL connection (sadly, it's only
384K, rather than the 1.1 MBit I used to have...I moved farther away
from the CO :< ), as well as the personal cable-modem link (dynamic IP
from cox.net) I had at home prior to moving my office.
I'm eventually going to get rid of the cable-modem connection to save
money, but before I do, it's the first time I've had a real-world
environment for testing multiple uplink configurations. Anyone got any
ideas they'd like to see tested? I can't devote a lot of time to this
(I still haven't even managed to get an updated Dachstein-CD out with
the new ssh packages), but I can probably spend a couple evenings trying
out a few things.
Also...I recently got a nifty trick from the local linux users group
regarding time-servers:
> Does someone knows of a time server that I can use to
> synchronize my linux box at boot time?
There are a bunch listed at www.ntp.org, a.k.a. www.eecis.udel.edu/~ntp.
A possibly better alternative is to use your provider - most ISPs enable
NTP on their routers. This is convenient for them, since they can
correlate router log messages accurately. It's convenient for you,
since
you have a low-latency time source just a few milliseconds away.
Tru running "ntpdate -q" against a traceroute output, e.g.
traceroute -n www.cnn.com | head -5 | awk '{print $2}' | \
xargs -n 1 ntpdate -q
You'll usually find an NTP server close by.
Has anyone tried anything similar with BGP (or similar routing
protocols)? It seems reasonable to expect a router that's not too many
hops away (ie the ISP, or the ISP's upstream provider) would be running
BGP, and while it's hopefully not possible to alter the route list, it
might be possible to import route information. If you could do this on
both links, and run BGP on the LEAF box, you could do *REAL*
load-balancing (or am I missing something major here? I don't do much
backbone type setup/config, so I could be completely off-base).
Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
---
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31
___
Leaf-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] panic kernel argument.
As LEAF is usually used in stand-alone routers- gateways I suggest passing to the kernel the argument "panic=X" by default. "X" is the number of seconds the system will wait before automatically rebooting itself after a kernel panic. I think it's an interesting inprovement. --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] Anyone else seen this?
VA Software (operators of Sourceforge) signs agreement with IBM to utilize their proprietary database DB2 in the SourceForge product. In the article, it notes that VA Software looked at MySQL and PostgreSQL, but passed them both by. It also notes that VA invested in MySQL. Interesting, eh? http://news.com.com/2100-1001-949505.html?tag=fd_top --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] LinuxWorld Conference
On Mon, 2002-08-12 at 14:39, Larry Platzek wrote: > I will be going on the Caltrain from Santa Clara at 9:05 I will be with > two non-LEAF people, on Wed. Aug 14. > Mike & Ray: I will have my cell phoneme. Larry, Wed. sounds good to me. I hope to see you there. > On 12 Aug 2002, Mike Noyes wrote: > > > Date: 12 Aug 2002 10:27:45 -0700 > > From: Mike Noyes <[EMAIL PROTECTED]> > > To: leaf-devel <[EMAIL PROTECTED]> > > Subject: [Leaf-devel] LinuxWorld Conference > > > > Everyone, > > I plan on attending the LinxWorld conference in San Francisco this week. > > Is anyone else planning to attend? -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
