1

I have Ubuntu 12.04 Server edition

Two gateways, both on 192.168.0. network, let's make them 192.168.0.1 and 192.168.0.2

I've read you should be able to add a second gateway into /etc/network/interfaces, and that it will build out all the routing automatically, but I get a "duplicate option" error.

So if I have one default gateway, let's say 0.1, and a connection comes through from the 0.2 gateway, my understanding is that it still tries to respond through 0.1 gateway.

Can we change this behavior?

EEAA
David
  • What do you want to do? Load balance between the two gateways? – Diego Woitasen Jun 21 '12 at 02:34
  • If that's the simpler solution, why not. But most importantly, I care for the server being able to reply to requests coming from the 2nd gateway. Presumably right now it replies using the default gateway so the original request never gets a reply. – David Jun 21 '12 at 02:46

2 Answers

2

You need a way to distinguish which gateway the packet came in on in order to route the response out the correct gateway. This is usually done by having multiple IP addresses on the host, and using source policy routing to select the gateway based on the source address of the response packets. I'm assuming that the gateways are independent Internet connections, and that incoming connections are being DNATed (or port forwarded) by the gateways. You need to bind additional IP addresses to the machine and configure the gateways to DNAT to different addresses, so that the machine can tell the difference.

mgorven
  • Are you saying this is possible to do with one network interface though? I've tried setting up eth0:1 interface but that too gave me issues. The link provided I believe assumes two NICs. – David Jun 21 '12 at 03:14
  • @David Yes, a single interface with two IPs. Don't use virtual/alias interfaces; use `ip addr add` to set additional IPs. – mgorven Jun 21 '12 at 05:44
0

You need policy routing. One way that can be done in your case is to 'save' the info for the incoming gateway. A solution I have used many times, for example, is to mark the connection based on MAC address and route out based on the mark. You can set up as many gateways as you like this way, and it works like a charm. EDIT: To be more specific: connmark incoming new packets based on MAC address, mark outgoing packets based on the connmark flag, and use the mark to direct the outgoing packets to the specific routing table for that gateway. (See iproute2.)

Bgs
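
The three steps in the edit above (connmark new inbound packets by gateway MAC, restore the mark on replies, route by mark), written out as an added example that is not part of the original answer. The interface name, MAC addresses, and mark/table numbers are constructed placeholders; the script only prints the commands unless run as root with `APPLY=1`.

```shell
#!/bin/sh
# Added example: reply through the gateway a connection arrived on (connmark method).
# DEV, the MACs and the mark/table numbers are constructed placeholders.
DEV=eth0
# One line per gateway: "<mark, also used as table number> <gateway IP> <gateway MAC>"
GATEWAYS='101 192.168.0.1 02:00:00:00:00:01
102 192.168.0.2 02:00:00:00:00:02'

# Print each command; execute it only when APPLY=1 (requires root).
run() {
    echo "$*"
    if [ "${APPLY:-0}" = 1 ]; then "$@"; fi
}

# Rules for one gateway: $1 = mark/table, $2 = gateway IP, $3 = gateway MAC
gateway_rules() {
    # Step 1: tag NEW inbound connections by the MAC of the gateway that delivered them.
    run iptables -t mangle -A PREROUTING -i "$DEV" -m conntrack --ctstate NEW \
        -m mac --mac-source "$3" -j CONNMARK --set-mark "$1"
    # Step 3: marked packets use a table whose default route is that gateway.
    run ip route add default via "$2" dev "$DEV" table "$1"
    run ip rule add fwmark "$1" table "$1"
}

policy_routing() {
    # Step 2: copy the connection mark onto locally generated reply packets,
    # which makes the kernel re-route them according to the fwmark rules.
    run iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
    echo "$GATEWAYS" | while read -r mark ip mac; do
        gateway_rules "$mark" "$ip" "$mac"
    done
}

policy_routing
```

Connections that do not arrive from one of the listed MACs stay unmarked and keep using the main table's default gateway.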