Sometimes it is needed to have multiple internet connections in one Linux box. To distinguish it from a more common scenario – it means that multiple default routes are specified.
Multiple default routes is a bit of a dilemma – default route is loosely defined as ‘if everything else fails send packets there’. By definition there can not be two or more last resort options.
One of those internet connections therefore should be designed as default, and configured normally, giving it IP address, default gateway and so on.
The rest should have its IP addresses configured.
The default connection should work as normal, but the other connections are basically useless. Everything, that is not in directly reachable subnets, goes out using default gateway, which is not what is needed.
At least all packets coming in from an interface should get its answers sent out through the same interface.
Taking a very simplified view on IP routing, there is a routing table where networks and gateways are defined and there is one special default gateway, if there is no route for that packet.
To have multiple default routes, multiple routing tables are used. Simple as that. There is one lookup table which is used to determine what routing table to apply for that packet.
All those tables are configurable via iproute2 http://www.policyrouting.org/iproute2-toc.html.
Now, that all that theory is briefly looked at, lets configure.
network interface eth0 is using IP 1.1.1.102 with mask 255.255.255.252 and gateway 1.1.1.101
network interface eth1 is using IP 2.2.2.202 with mask 255.255.255.252 and gateway 2.2.2.201
lets set interface eth0 up as a normal.
lookup table should be like this:
ip rule list
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
table main is the one we use normally and it looks like so:
ip route list table main
1.1.1.100/30 dev eth0 proto kernel scope link src 1.1.1.102
127.0.0.0/8 dev lo scope link
default via 1.1.1.101 dev eth0
If not defining table for ip route list, table main is shown by default.
One more routing table is needed. Lets name it ‘second’.
echo "200 second" >> /etc/iproute2/rt_tables
200 is just as good number as any. Looking at this file, numbers 0, 253, 254 and 255 are in use already, so anything that is not in use should be OK.
lets add a rule for our second network.
ip rule add from 2.2.2.202 lookup second
Looking at rule list:
ip rule list
0: from all lookup local
32765: from 2.2.2.202 lookup second
32766: from all lookup main
32767: from all lookup default
Adding some rules into the second routing table to make it something like the main table.
ip route add 2.2.2.200/30 dev eth1 table second
ip route add default via 2.2.2.201 dev eth1 table second
To look what has been done:
ip route list table second
2.2.2.200/30 dev eth1 scope link
default via 2.2.2.201 dev eth1
The last step is to flush IP routing cache. Strange things can happen if configuration and cahce is not in sync.
ip route flush cache
If all goes well, 2.2.2.202 should be reachable from outside.