Mastering Linux IP Routing with Multiple Uplinks on a Single Interface
Problem: You have a single network interface card (NIC) in your Linux system but want to connect to the internet through multiple ISPs simultaneously. This is a common requirement for businesses and individuals who need high availability, redundancy, or load balancing across multiple internet connections.
Rephrased: Imagine you want your computer to have multiple backup internet connections, like having several different internet providers all working together. The catch is, you only have one network card. This article shows you how to achieve this using Linux's powerful IP routing capabilities.
Setting the Stage: Scenario and Code
Let's consider a real-world scenario: You have a server with a single Ethernet interface (eth0) that needs to use two internet connections: ISP1 and ISP2. You want your server to automatically route traffic through the fastest connection, while maintaining redundancy in case one provider fails.
Here's how you might configure the basic setup:
Network configuration:
- ISP1: 192.168.1.1 (gateway), 192.168.1.100 (server IP)
- ISP2: 10.0.0.1 (gateway), 10.0.0.100 (server IP)
Example code (/etc/sysctl.conf):
net.ipv4.ip_forward = 1
Explanation:
net.ipv4.ip_forward is a crucial kernel parameter that enables IP forwarding, allowing your server to act as a router and redirect traffic between networks. Setting it to 1 activates this functionality.
Unveiling the Magic: Understanding Multipath Routing
The key to achieving this is multipath routing. This technique lets Linux intelligently distribute traffic across multiple routes based on various factors like latency, bandwidth, and packet loss. This approach ensures that your system uses the optimal path for each connection.
To implement multipath routing, we'll use a combination of Policy Routing and Multipath Routing (MPATH).
Policy Routing: This feature allows you to define rules that determine which route to use for specific traffic based on source or destination IP addresses, ports, or even protocols.
MPATH: This mechanism allows you to create a virtual interface that acts as a gateway for multiple routes. This virtual interface aggregates your internet connections and provides a single point of access for your server.
Bringing it to Life: Configuration Steps
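- Configure Static Routes: Define static routes in your iptables configuration file for each ISP. This tells your server how to reach specific networks through each connection.
  # ISP1: the on-link subnet is reached directly on eth0, not through the gateway
  ip route replace 192.168.1.0/24 dev eth0 src 192.168.1.100
  # Lower metric = preferred default route
  ip route add 0.0.0.0/0 via 192.168.1.1 dev eth0 metric 100
  # ISP2: a second default route needs a different metric, otherwise the add fails with "File exists"
  ip route replace 10.0.0.0/24 dev eth0 src 10.0.0.100
  ip route add 0.0.0.0/0 via 10.0.0.1 dev eth0 metric 200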
- Create a Multipath Interface: Create a virtual interface called mpath0 that aggregates the two ISP connections.
  ip link add mpath0 type mpath mode manual
  ip link set mpath0 up
- Configure MPATH: Add the real interface (eth0) to the mpath0 virtual interface, specifying the priority for each route. Higher priority routes will be used first.
  ip mpath add eth0 dev mpath0 priority 100
  ip mpath add eth0 dev mpath0 priority 50
- Policy Routing: Define policy routing rules that control traffic flow based on specific criteria. For example, you could prioritize ISP1 for specific websites or services.
  # Masquerade traffic as it leaves eth0 (MASQUERADE is only valid in the nat table's POSTROUTING chain)
  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  # Policy rule for a specific domain (e.g., google.com): mark matching packets with 100.
  # The string match only hits packets whose payload contains the text, not the initial SYN.
  iptables -t mangle -A PREROUTING -p tcp --dport 80 -m string --string "google.com" --algo bm -j MARK --set-mark 100
  # Send packets carrying mark 100 out through ISP1's gateway
  ip rule add fwmark 100 table 100
  ip route add default via 192.168.1.1 dev eth0 table 100
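A working form of this setup with stock iproute2, as an added example that is not from the original article: one routing table per ISP with a source-based `ip rule`, plus a weighted `nexthop` default route, used here in place of the `mpath0` device because iproute2 has no `mpath` link type. The table ids 101/102, the /24 prefix length and the 2:1 weights are assumptions; the script only prints the commands unless it is run as root with `APPLY=1`.

```shell
#!/bin/sh
# Added example: two uplinks on one NIC using iproute2 only.
# Addresses are the article's; table ids, /24 prefixes and weights are assumptions.
DEV=eth0
ISP1_GW=192.168.1.1; ISP1_IP=192.168.1.100; ISP1_NET=192.168.1.0/24
ISP2_GW=10.0.0.1;    ISP2_IP=10.0.0.100;    ISP2_NET=10.0.0.0/24

# Commands for one uplink: a private routing table plus a source-based rule,
# so packets sourced from an ISP's address always leave through that ISP's
# gateway (upstream ingress filtering may drop them otherwise).
uplink_cmds() {  # args: table-id gateway local-address subnet
    echo "ip route replace $4 dev $DEV src $3 table $1"
    echo "ip route replace default via $2 dev $DEV table $1"
    echo "ip rule add from $3 lookup $1 priority $1"
}

multihome_cmds() {
    # Both ISP addresses live on the same interface.
    echo "ip addr replace $ISP1_IP/24 dev $DEV"
    echo "ip addr replace $ISP2_IP/24 dev $DEV"
    uplink_cmds 101 "$ISP1_GW" "$ISP1_IP" "$ISP1_NET"
    uplink_cmds 102 "$ISP2_GW" "$ISP2_IP" "$ISP2_NET"
    # Multipath default in the main table: new flows are spread across the
    # two next hops in proportion to their weights.
    echo "ip route replace default nexthop via $ISP1_GW dev $DEV weight 2 nexthop via $ISP2_GW dev $DEV weight 1"
}

# Dry run by default; APPLY=1 executes each command (requires root).
# Re-running with APPLY=1 may report "File exists" for rules already present.
run() {
    multihome_cmds | while IFS= read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then $cmd; else echo "$cmd"; fi
    done
}

run
```

After applying, `ip rule show` and `ip route show table 101` confirm that each source address resolves to its own gateway.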
The Power of Multipath Routing in Action
By configuring policy routing and multipath routing, your Linux system gains the following benefits:
- Load Balancing: Traffic is automatically distributed across both internet connections, effectively balancing the load and maximizing throughput.
- High Availability: If one ISP connection fails, traffic seamlessly switches to the other, ensuring minimal downtime.
- Dynamic Routing: Linux continuously monitors and selects the optimal path for each connection, taking into account factors like latency, bandwidth, and packet loss.
- Advanced Control: Policy routing enables you to fine-tune traffic flow based on your needs, prioritizing specific connections or applications.
Wrapping Up: A Reliable and Efficient Solution
This approach to multipath routing provides a powerful and flexible solution for businesses and individuals requiring high availability, redundancy, and load balancing across multiple internet connections.
Remember to carefully configure your static routes, multipath interfaces, and policy routing rules to ensure optimal performance. With proper implementation, you can seamlessly leverage multiple internet connections while enjoying the benefits of a single, reliable connection.
Further Exploration
- Linux Documentation: https://www.kernel.org/doc/Documentation/networking/ip-route2.txt
- IP Routing: https://www.linuxfoundation.org/blog/linux-foundation-blog/ip-routing-and-networking-in-linux/