[SGVLUG] dual/multi-homed question
Claude A. Felizardo
cafelizardo at gmail.com
Fri Jun 26 01:26:42 PDT 2015
Not sure if my original question made it out to the list but after
talking to a few people at work, I figured out how I can connect to my
fileserver from outside using one ISP or the other....

Original post below but the quick summary is I currently have two
internet connections at home and I was trying to figure out how to allow
inbound connections using either ISP. I have port forwarding rules on
both routers but I could only connect via the new ISP but connections
using the old ISP were failing to connect probably because my fileserver
is configured to send to a specific gateway regardless of how the
connection came in.

My original modem/router has internal IP 192.168.1.1 and all devices
are configured to use .1 as gateway.

New modem/router was assigned IP 192.168.1.1 and the old modem/router
was reassigned 192.168.1.2

Given the IP of my remote machine: www.xxx.yyy.zzz
[root at myhome ~]# ip route add www.xxx.yyy.zzz via 192.168.1.2
[root at myhome ~]# ip route
www.xxx.yyy.zzz via 192.168.1.2 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20 metric 5
169.254.0.0/16 dev eth0 scope link metric 5
default via 192.168.1.1 dev eth0 metric 5
then from that remote machine:
ssh -p <my secret port> myalthome.dyndns.org
or from another computer at work:
ssh -p <my secret port> mynormalhost.dyndns.org
I now have two connections that came in using different routes.
Here are the partial traceroutes showing the routes:
[root at homeserver ~]# traceroute <my desktop at work>
traceroute to <my desktop at work> (xxx.xxx.xxx.xxx), 30 hops max, 60 byte packets
 1 * * * <-- looks like new router doesn't respond to ping
 2 xxx-xxx-xxx-xxx.socal.res.rr.com (104.xxx.xxx.1) 41.164 ms 41.199 ms 41.501 ms
 3 tge0-9-0-20.mnrvca7101h.socal.rr.com (76.167.29.97) 27.130 ms 27.973 ms 28.093 ms
...
11 dc-lax-agg1--lax-agg6-10ge.cenic.net (137.164.46.104) 31.069 ms 31.004 ms 28.944 ms
12 dc-caltech-1--lax-agg1.cenic.net (137.164.3.58) 41.774 ms 47.018 ms 44.575 ms
...
[root at homeserver ~]# traceroute <other computer at work>
traceroute to <other computer at work> (yyy.yyy.yyy.yyy), 30 hops max, 60 byte packets
 1 dsl-router (192.168.1.2) 6.747 ms 6.662 ms 6.595 ms
 2 yy-y-yy-yy.dsl.dynamic.fusionbroadband.com (50.yyy.yyy.1) 18.691 ms 19.689 ms 24.174 ms
...
10 ntt-los-nettos-usc.ln.net (165.254.21.242) 23.453 ms 24.096 ms 24.702 ms
11 cit2-vlan2003.ln.net (130.152.181.60) 52.983 ms 54.779 ms 55.932 ms
...
Traceroutes from the two work computers to my normal and alternate
hosts at dyndns.org show the reverse as expected.
And when I try to rsync a couple of ISO images using either path, I do
see a significant difference in transfer speeds as expected via DSL vs
cable. About 670 kB/s (~5.3 Mbps) vs 9 MB/s (~72 Mbps). Heck I was
able to push the same test file several times via the cable connection
while the dsl connection was still putting along. Test file was a 693
MB file:
621611008 100% 9.00MB/s 0:01:05 (xfer#1, to-check=0/1)
621611008 100% 8.73MB/s 0:01:07 (xfer#1, to-check=0/1)
621611008 100% 673.28kB/s 0:15:01 (xfer#1, to-check=0/1)
This pretty much matches the results of doing speed tests at home using
the web based tests so I'm pretty happy with the switch. After the
port of my home telephone is completed I'll be cancelling my old service.
Claude
> Claude Felizardo
> <mailto:claude at gps.caltech.edu>
> Tuesday, June 23, 2015 5:46 PM
> Hey all,
>
> I am in the middle of transitioning from DSL Extreme to TimeWarner (TV
> cable) and have most everything switched over but I wanted to
> experiment with a couple of things while I still have both ISPs working.
>
> When I first switched from AT&T DSL to DSL Extreme to get rid of the
> bandwidth caps I tried various combinations of the supplied modem
> (bridge vs non-bridge) to my existing router (LAN or WAN port) but the
> only thing that seemed to work reliably was to use bridge to WAN port.
> The other combinations resulted in one way connectivity (Laptops on
> WiFi could not access file server due to nested non routable IPs) or
> some other problem. Non bridge mode was listed as unsupported and I
> think I saw something to the effect that it might not be stable and
> I’ve had some long term stability problems. The only catch with this
> configuration is I don’t have access to the modem web config, stats,
> etc. So for the past 2 years or so, my configuration was as follows:
>
> DSL modem in bridge mode (50.x.x.x) ==== (WAN) router with WiFi
> (192.168.1.1) —— various devices static and DHCP starting at
> 192.168.1.100. The static devices such as file servers, NAS,
> printers, etc. are configured to use 192.168.1.1 as the gateway out.
>
> The new cable modem includes a router, 4 LAN ports and WiFi. I wanted
> to minimize changes to the various static devices so I did the following:
>
> DSL modem in bridge mode (50.x.x.x) ==== (WAN) router with WiFi
> (192.168.1.2) <— note that I have changed the old router to be .2
> instead of .1. DHCP enabled from 192.168.1.200-249.
> cable modem (104.x.x.x) — (192.168.1.1) <—— cable router is now .1
> with DHCP enabled from 192.168.1.150 - .199.
>
>
> Note that I have both routers configured to provide DHCP in different
> ranges that are different from my original configuration. This lets
> me see what IPs devices are getting and from which router as well as
> see what’s still hanging onto old IPs. Again, boxes that offer
> services such as storage, web, etc, are using static IPs in the .10 to
> .99 range.
>
> Everything seems to be working, no obvious problems with duplicate IPs
> (yet). Depending on which WiFi access point you connect to, I see
> noticeably different results when I try a speed test: either 6-8 Mbps
> for DSL or 50+ Mbps for cable. Still collecting stats to see how
> things change during the time of day, etc.
>
> I even got each modem updating a different dyndns.org domain so I can
> theoretically come in through a different ISP.
>
> However, when I try to connect to my linux server from the outside
> world (both routers are configured to forward specific ports to
> specific IPs inside), I’m not seeing a response when I try to come in
> through the DSL connection. It just seems to hang like packets are
> being dropped. I believe it’s because my routing table only lists a
> single gateway:
>
> [claude at homeserver network-scripts]$ route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.1.0     0.0.0.0         255.255.255.0   U     5      0        0 eth0
> 169.254.0.0     0.0.0.0         255.255.0.0     U     5      0        0 eth0
> 0.0.0.0         192.168.1.1     0.0.0.0         UG    5      0        0 eth0
>
> So I think when my server tries to respond to a connection request
> that is coming from 192.168.1.2, it’s sending it out via 192.168.1.1
> so the connection never completes. Is this correct?
>
> I should have another network card laying around but it’s probably not
> worth it if I’m going to discontinue the old service. I could try
> booting up the old old file server and see if I can reconfigure it to
> use 192.168.1.2 for its gateway.
>
> But I’m thinking I should be able to create another route via command
> line but it’s been years since I’ve done this manually so I’m hesitant
> to try it remotely and lock myself out. Any suggestions?
>
> Claude
>
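
An added illustration, not part of the original message: a small Python model of the destination-based route lookup, run over the `ip route` table shown in the post, to show which router a reply leaves through. The redacted remote address is replaced with constructed documentation addresses (203.0.113.10 has the host route, 198.51.100.7 does not), and route metrics are ignored as a simplification.

```python
import ipaddress

# Routing table from the post; the redacted remote address is replaced by a
# constructed documentation address (203.0.113.10).
IP_ROUTE_OUTPUT = """\
203.0.113.10 via 192.168.1.2 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20 metric 5
169.254.0.0/16 dev eth0 scope link metric 5
default via 192.168.1.1 dev eth0 metric 5
"""

def parse_routes(text):
    """Turn `ip route` lines into (network, gateway-or-None) pairs."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        gateway = fields[fields.index("via") + 1] if "via" in fields else None
        routes.append((ipaddress.ip_network(dest), gateway))
    return routes

def next_hop(routes, destination):
    """Longest-prefix match keyed on the destination address only."""
    addr = ipaddress.ip_address(destination)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    network, gateway = max(matches, key=lambda r: r[0].prefixlen)
    return gateway or "on-link"

def reply_paths(routes, inbound_router, remotes):
    """For connections forwarded in by inbound_router, report where replies go."""
    result = {}
    for remote in remotes:
        hop = next_hop(routes, remote)
        # A reply that leaves via a different router is NATed to a different
        # public address, so the remote never matches it to its connection.
        result[remote] = (hop, hop == inbound_router)
    return result

if __name__ == "__main__":
    routes = parse_routes(IP_ROUTE_OUTPUT)
    for remote, (hop, symmetric) in reply_paths(
            routes, "192.168.1.2", ["203.0.113.10", "198.51.100.7"]).items():
        print(f"{remote}: reply via {hop}, same router as inbound: {symmetric}")
```

The second remote shows the limit of a per-destination host route: a client without its own entry that comes in through the DSL port forward still has its replies sent to 192.168.1.1.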