[CentOS] Re: Network routes

Ross S. W. Walker rwalker at medallion.com
Wed Jan 30 01:46:01 UTC 2008 

Jason Pyeron wrote:
> Ross S. W. Walker wrote:
> > 
> > Sorry for the top post.
> > 	
> > The default route is the route applied when no other 
> > route matches the destination IP. From that how would you 
> > figure out which default route to pick, only if the routes 
> > were weighted could you pick between two.
> > 	
> > If you had two routes with equal weight and the traffic 
> > went round robin between them then the originating host will 
> > discard half the returning traffic because it's not coming 
> > from the same ip it sent it to.
> > 	
> > No your best bet is probably to do reverse NAT'ing as 
> > it is simple to setup and you don't have to worry about 
> > default routes and weight. Traffic initiates on 1 gateway and 
> > sticks with it for the duration of the session. You can use 
> > BGP on the gateways outside interface to load balance or 
> > fail-over the default gateway or use round-robin DNS, MX 
> > records for mail, etc.
> > 
> > -Ross
> 
> Okay, they were weighted primay at 0 and it worked. Secondary 
> at 20, it would never be chosen as a default. But how does a 
> reply get out to the net on the same route it came in on?
> 
<snip>

Ah, but it doesn't if you don't masquerade the IP as coming
from the originating gateway or you make sure you have only 1
gateway functioning at a time with some routing protocol
telling your internal hosts which route is active. For multiple
gateways active at once you will need to masquerade so the
traffic can use the internal network routing tables to assure
traffic goes back out the way it came in.

-Ross



______________________________________________________________________
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.

More information about the CentOS mailing list