Subject: Re: trouble with multi-homed setup
To: None <tech-net@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-net
Date: 01/28/2004 19:08:27
> [...pppoe0...pppoe1...]
> To make pppoe1 work I have to use some ipf magic, though:
>    pass out on pppoe0 to pppoe1 from <pppoe1's address> to any

> First, I have to "hardcode" the interface names and the address

> Then, if pppoe0 becomes unavailable traffic over pppoe1 stops as
> well.

> The intended use is for pppoe1 to serve DNS and later mail to the
> outside world while all my browsing and outbound traffic goes via
> pppoe0.

> I want to be able to continue serving DNS and mail even if pppoe0 is
> down.

This sort of thing is exactly what I created my srt pseudo-interface
for.  It selects the outgoing interface for a packet based on the
ip_src (as opposed to the ip_dst, the way normal routing does).

It is just as bad as the ipf solution when it comes to interface names
and addresses.

If I assume that

- pppoe0's address is 10.0.0.2, peer 10.0.0.1
- pppoe1's address is 10.1.0.2, peer 10.1.0.1
- you want outgoing traffic with no particular reason to choose one
  address over the other (HTTP, outgoing mail, etc) to use 10.0.0.2 and
  pppoe0
- you're not using 192.168/16 for anything

then I'd set this up with

srtconfig srt0 set 0 10.1.0.2 /32 pppoe1 10.1.0.1
srtconfig srt0 set 1 0 /0 pppoe0 10.0.0.1
ifconfig srt0 10.0.0.2 192.168.0.1 netmask 255.255.255.255 up
route add default 192.168.0.1

That way your default route points out srt0.  When a packet is sent out
srt0, if the ip_src is 10.1.0.2, it is sent over pppoe1 with a next-hop
address of 10.1.0.1 (the next-hop address may not matter for
point-to-point links, but it can't hurt); otherwise (0/0) it goes out
over pppoe0 to 10.0.0.1.  If there's no other address handy to use as
the source address of the packet, it uses srt0's address, 10.0.0.2.

I don't know how easy it would be to port the srt driver to something
relatively current.  My guess would be that it would be fairly easy for
someone who knows the current device<->kernel interface paradigms.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
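
A small Python model of the selection described in the message above, added here as an illustration; it is not the srt driver's code and not part of the original post. It assumes srt entries are tried in index order with the first match winning, that a down interface simply drops the packet, and it uses the constructed destination 203.0.113.9.

```python
import ipaddress
from typing import NamedTuple

class SrtEntry(NamedTuple):
    src_net: ipaddress.IPv4Network  # matched against the packet's ip_src
    ifname: str                     # outgoing interface
    next_hop: str                   # next-hop address used on that interface

# The two entries from the srtconfig lines in the message, in index order.
SRT0 = [
    SrtEntry(ipaddress.ip_network("10.1.0.2/32"), "pppoe1", "10.1.0.1"),
    SrtEntry(ipaddress.ip_network("0.0.0.0/0"), "pppoe0", "10.0.0.1"),
]

# Routing tables as (destination network, interface) pairs (model only).
PLAIN = [(ipaddress.ip_network("0.0.0.0/0"), "pppoe0")]    # default via pppoe0
WITH_SRT = [(ipaddress.ip_network("0.0.0.0/0"), "srt0")]   # default via srt0

def dst_route(ip_dst, routes):
    """Ordinary routing: longest-prefix match on ip_dst; ip_src is ignored."""
    dst = ipaddress.ip_address(ip_dst)
    hits = [(net, ifname) for net, ifname in routes if dst in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def srt_select(ip_src, table=SRT0):
    """Source-based selection: first entry whose network contains ip_src."""
    src = ipaddress.ip_address(ip_src)
    for entry in table:
        if src in entry.src_net:
            return entry
    return None

def egress(ip_src, ip_dst, routes, up):
    """Physical interface the packet leaves on, or None if it cannot leave."""
    ifname = dst_route(ip_dst, routes)
    if ifname == "srt0":
        entry = srt_select(ip_src)
        ifname = entry.ifname if entry else None
    return ifname if ifname in up else None

if __name__ == "__main__":
    for up in ({"pppoe0", "pppoe1"}, {"pppoe1"}):
        for src in ("10.0.0.2", "10.1.0.2"):
            print(sorted(up), src, "->", egress(src, "203.0.113.9", WITH_SRT, up))
```

With the plain default route, a reply sourced from 10.1.0.2 leaves on pppoe0; with the default pointed at srt0 it leaves on pppoe1, and in this model keeps doing so when pppoe0 is down.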