How To: Load Balancing & Failover With Dual/ Multi WAN / ADSL / Cable Connections on Linux
In many locations, including but definitely not limited to India, single ADSL / Cable connections can be unreliable and may not provide sufficient bandwidth for your purposes. One way to increase the reliability and bandwidth of your internet connection is to distribute the load (load balancing) across multiple connections. It is also imperative to have transparent fail-over so routes are automatically adjusted depending on the availability of the connections. With load balancing and fail-over you can have reliable connectivity over two or more unreliable broadband connections (like BSNL or Tata Indicom in India). I present you with the simplest solution to a complex problem with live examples.
Note: Load balancing doesn't increase connection speed for a single connection. Its benefits are realized over multiple connections like in an office environment. The benefits of fail-over are however realized even in a single user environment.
The load balancing mechanism in Linux, discussed with an example below, caches routes and doesn't provide transparent fail-over support. There are two ways to add transparent fail-over: 1. compile and use a custom Linux kernel with Julian Anastasov's kernel patches for dead gateway detection, or 2. use a user-space script to monitor connections and dynamically change routing information.
Julian Anastasov's patches have two problems:
1. They work only when the first hop gateway is down. In many cases, including ours, the first hop gateway is the adsl modem cum router which is always up. So we need a more robust solution for our purposes.
2. You have to compile a custom kernel with patches. This is a somewhat complex procedure with reasonable chances of screwing up something. It also forces you to re-patch the kernel every time you decide to update your kernel. Overall I wouldn't recommend anyone going for the kernel patching route unless that is the only option. Also in that case you should look for an RPM-based solution (like the livna rpm for nVidia drivers) which does it automatically for you.
A better solution is to use a userspace program which monitors your connection and updates routes as necessary. I will provide a script which we use to constantly monitor our connections. It provides transparent fail over support with two ADSL connections. It is fully configurable and can be used for any standard dual ADSL / Cable connections to provide transparent fail over support. It can also be easily modified to use for more than two connections. You can also use it to log uptime / downtime of your connections like we did.
Let's first discuss load balancing with two ADSL / Cable connections and then we will see how to provide transparent fail-over support. The ideas and script provided here can be easily used for more than two connections with minor modifications.
Requirements for Load Balancing multiple ADSL / Cable Connections
1. Obviously you need to have multiple (A)DSL or Cable connections in the first place. Login as root for this job.
2. Find out the LAN / internal IP address of the modems. They may be the same, like 192.168.1.1.
Check if the internal / LAN IP addresses of both (or multiple) modems are the same. In that case use the web / telnet interface of the modems to configure one of the modems to have a different internal IP address, preferably in a different network like 192.168.0.1 or 192.168.2.1 etc. If you are using multiple modems then you should configure each of them to have different subnets. This is important because now you can easily access the different modems from their web interface and you don't have to bother connecting to a modem through a particular interface. It is also important because now you can easily configure the interfaces to be associated with different netmasks / sub-networks.
3. Connect each modem to the computer using a different interface (eth0, eth1 etc.). You may be able to use the same interface but this guide doesn't cover that. In short you will make your life complicated using the same interface or even different virtual interface. My recommendation is that you should use one interface per modem. Don't scrimp on cheap ethernet adapters. This has the added benefit of redundancy should one adapter go bad down the road.
4. Configure the IP address of each interface to be in the same sub-network as the modem. For example my modems have IP addresses of 192.168.0.1 and 192.168.1.1. The corresponding addresses & netmasks of the interfaces are: 192.168.0.10 (netmask: 255.255.255.0) and 192.168.1.10 (netmask: 255.255.255.0).
5. Find out the following information before you proceed with the rest of the guide:
- IP address of external interfaces (interfaces connected to your modems). This is not the gateway address.
- Gateway IP address of each broadband connections. This is the first hop gateway, could be your DSL modem IP address if it has been configured as the gateway following the tip below.
- Name, IP address & netmask of external interfaces like eth1, eth2 etc. My external interfaces are eth1 & eth2.
- Relative weights you want to assign to each connection. My Tata connection is 4 times faster than BSNL connection. So I assign the weight of 4 to Tata and 1 to BSNL. You must use low positive integer values for weights. For same connection speeds weights of 1 & 1 are appropriate. The weights determine how the load is balanced across multiple connections. In my case Tata is 4 times as likely to be used as route for a particular site in comparison with BSNL.
Note: Refer to Netmask guide for details on netmasks.
Optional step
Check the tips on configuring (A)DSL modems. They are not required for using this guide. However they are beneficial in maximizing your benefits.
How to setup default load balancing for multiple ADSL / Cable connections
Unlike other guides on this topic I will use a real example - the configuration on our internal network. So to begin with here are the basic data for my network:
#IP address of external interfaces. This is not the gateway address.
IP1=192.168.1.10
IP2=192.168.0.10

#Gateway IP addresses. This is the first (hop) gateway, could be your router IP
#address if it has been configured as the gateway
GW1=192.168.1.1
GW2=192.168.0.1

# Relative weights of routes. Keep this to a low integer value. I am using 4
# for TATA connection because it is 4 times faster
W1=1
W2=4

# Broadband providers name; use your own names here.
NAME1=bsnl
NAME2=tata
You must change the example below to use your own IP addresses and other details. Even with that inconvenience a real example is much easier to understand than examples with complex notations. The example given below is copy-pasted from our intranet configuration. It works perfectly as advertised.
Note: In this step fail-over is not addressed. It is provided later with a script which runs on startup.
First you need to create two (or more) routing tables by adding entries to /etc/iproute2/rt_tables. Open the file and make changes similar to what is shown below. I added the following for my two connections:
1 bsnl
2 tata
To add a default load balancing route for our outgoing traffic using our dual internet connections (ADSL broadband connections from BSNL & Tata Indicom) here are the lines I included in rc.local file:
ip route add 192.168.1.0/24 dev eth1 src 192.168.1.10 table bsnl
ip route add default via 192.168.1.1 table bsnl
ip route add 192.168.0.0/24 dev eth2 src 192.168.0.10 table tata
ip route add default via 192.168.0.1 table tata
ip rule add from 192.168.1.10 table bsnl
ip rule add from 192.168.0.10 table tata
ip route add default scope global nexthop via 192.168.1.1 dev eth1 weight 1 nexthop via 192.168.0.1 dev eth2 weight 4
Adding them to rc.local ensures that they are executed automatically on startup. You can also run them manually from the command line.
This completes the load balancing part. Let's now see how we can achieve fail-over so the routes are automatically changed when one or more connections are down and then changed again when one or more connections come back up again. To do this magic I used a script.
How to setup fail-over over multiple load balanced ADSL / Cable connections
Please follow the steps below and preferably in the same order:
- First download the script which checks for and provides fail-over over dual ADSL / Cable internet connections and save it to the /usr/sbin directory (or any other directory which is mounted and available while loading the OS).
- Change the file permissions to 755:
chmod 755 /usr/sbin/gwping
- Open the file (as root) in an editor like vi or gedit and edit the following parameters for your environment:
#IP Address or domain name to ping. The script relies on the domain being pingable and always available
TESTIP=www.yahoo.com

#Ping timeout in seconds
TIMEOUT=2

# External interfaces
EXTIF1=eth1
EXTIF2=eth2

#IP address of external interfaces. This is not the gateway address.
IP1=192.168.1.10
IP2=192.168.0.10

#Gateway IP addresses. This is the first (hop) gateway, could be your router IP
#address if it has been configured as the gateway
GW1=192.168.1.1
GW2=192.168.0.1

# Relative weights of routes. Keep this to a low integer value. I am using 4
# for TATA connection because it is 4 times faster
W1=1
W2=4

# Broadband providers name; use your own names here.
NAME1=BSNL
NAME2=TATA

#No of repeats of success or failure before changing status of connection
SUCCESSREPEATCOUNT=4
FAILUREREPEATCOUNT=1

Note: In my environment, four consecutive successes indicate that the gateway is up and one (consecutive) failure indicates that the gateway went down. You may want to modify these values to better match your environment.
- Add the following line to the end of /etc/rc.local file:
nohup /usr/sbin/gwping &
In the end my /etc/rc.local file has the following lines added in total:
ip route add 192.168.1.0/24 dev eth1 src 192.168.1.10 table bsnl
ip route add default via 192.168.1.1 table bsnl
ip route add 192.168.0.0/24 dev eth2 src 192.168.0.10 table tata
ip route add default via 192.168.0.1 table tata
ip rule add from 192.168.1.10 table bsnl
ip rule add from 192.168.0.10 table tata
ip route add default scope global nexthop via 192.168.1.1 dev eth1 weight 1 nexthop via 192.168.0.1 dev eth2 weight 4
nohup /usr/sbin/gwping &
An astute reader may note that the default setup with dual load balanced routing (7th line) is really not required, as the script is configured to force routing based on the current status the very first time. However it is there to ensure proper routing before the script forces the routing for the first time, which is about 40 seconds in my setup (can you tell why it takes 40 seconds for the first time?).
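The hysteresis that SUCCESSREPEATCOUNT and FAILUREREPEATCOUNT describe, together with the default route chosen for each combination of link states, as an added example. This is not the gwping script itself: the function names next_state, route_command and simulate are made up here, and the probe results are constructed strings, so it runs without calling ping or touching the routing table.

```shell
#!/bin/bash
# Added illustration, not the original gwping script.
# Values mirror the article's configuration.
GW1=192.168.1.1; EXTIF1=eth1; W1=1
GW2=192.168.0.1; EXTIF2=eth2; W2=4
SUCCESSREPEATCOUNT=4
FAILUREREPEATCOUNT=1

# next_state STATE COUNT PING_OK
#   STATE    up|down, the currently declared state of the link
#   COUNT    consecutive probe results so far that disagree with STATE
#   PING_OK  1 if the latest probe succeeded, 0 if it failed
# Prints "NEWSTATE NEWCOUNT". A result that agrees with STATE resets COUNT,
# so a flapping link never accumulates enough successes to be declared up.
next_state() {
    state=$1; count=$2; ok=$3
    if [ "$state" = up ]; then
        if [ "$ok" -eq 1 ]; then
            echo "up 0"
        elif [ $((count + 1)) -ge "$FAILUREREPEATCOUNT" ]; then
            echo "down 0"
        else
            echo "up $((count + 1))"
        fi
    else
        if [ "$ok" -eq 0 ]; then
            echo "down 0"
        elif [ $((count + 1)) -ge "$SUCCESSREPEATCOUNT" ]; then
            echo "up 0"
        else
            echo "down $((count + 1))"
        fi
    fi
}

# route_command STATE1 STATE2
# Prints the ip command that matches the two link states.
# Assumption: when both links are down, nothing is printed and routes stay as they are.
route_command() {
    case "$1,$2" in
        up,up)   echo "ip route replace default scope global nexthop via $GW1 dev $EXTIF1 weight $W1 nexthop via $GW2 dev $EXTIF2 weight $W2" ;;
        up,down) echo "ip route replace default scope global via $GW1 dev $EXTIF1" ;;
        down,up) echo "ip route replace default scope global via $GW2 dev $EXTIF2" ;;
        *)       echo "" ;;
    esac
}

# simulate PROBES1 PROBES2
# Replays constructed probe results (strings of 0/1, one character per
# monitoring cycle, both strings the same length) and prints each route
# change at the cycle where it would be issued.
simulate() {
    p1=$1; p2=$2
    s1=up; c1=0; s2=up; c2=0
    last=$(route_command up up)      # rc.local already installed the balanced route
    while [ -n "$p1" ]; do
        r1=${p1%"${p1#?}"}; p1=${p1#?}   # take the first character, keep the rest
        r2=${p2%"${p2#?}"}; p2=${p2#?}
        set -- $(next_state "$s1" "$c1" "${r1:-1}"); s1=$1; c1=$2
        set -- $(next_state "$s2" "$c2" "${r2:-1}"); s2=$1; c2=$2
        cmd=$(route_command "$s1" "$s2")
        if [ -n "$cmd" ] && [ "$cmd" != "$last" ]; then
            echo "$cmd"
            last=$cmd
        fi
    done
}

# Constructed scenario: link 2 fails at cycle 3, answers twice, fails again
# at cycle 6, then answers four times in a row and is restored at cycle 10.
simulate 1111111111 1101101111
```

In a live monitor the printed command would be executed instead of echoed, with each probe result coming from a ping bound to the corresponding external interface.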
Concluding thoughts
In the process of finding and coding the simple solution above, I read several documents on routing including the famous lartc how-to (many of whose commands didn't work as described on my Fedora Core system) & nano.txt among several others. I think I have described the simplest possible solution for load balancing and transparent failover of two or more DSL / Cable connections from one or more providers where channel bonding is not provided upstream (requires cooperation from one or more DSL providers); which is the most common scenario. I would welcome suggestions and improvements to this document.
The solution has been well tested under multiple real and artificial load conditions and works extremely well, with users never realizing when a connection went down or came back up again.
Networking is a complex thing and it is conceivable that you may run into issues not covered here. Feel free to post your problems and solutions here. However, while I would like to, I will not be able to debug and solve individual problems due to time constraints.
I may however be able to offer useful suggestions to your unique problems. It may however be noted that I respond well to Café Estima Blend™ by Starbucks and move much quicker on my todo list. It is also great as a token of appreciation for my hard work. The "velvety smooth and balanced with a roasty-sweet flavor this blend of coffees is a product of the relationships formed between" us.
In a followup article I discussed how to configure single / dual / multiple ADSL / cable connections, firewall, gateway / NAT With Shorewall Firewall.
59 Comments
October 25th, 2007 at 5:59 am
Hello,
I came here from Google.
I’m trying to do something like this here in my office.
The load balance and the fail over are OK, but there’s something that is going to make me crazy!
Here, we use Skype a lot, and other programs that need a continuous connection, such as VPNs and SSH, and an ERP called Microsiga (we have another office in another city, about 40 km (25 miles) away).
Do you have some script that forces traffic from such ports to go out ALWAYS with eth2 (like email, Skype, our ERP) and uses eth0 for other traffic (http, ftp, etc.)?
Thanks in advance
October 25th, 2007 at 8:30 am
You can use Shorewall Firewall to do preferential routing.
November 18th, 2007 at 9:10 pm
Yes, I use a script to do preferential routing. The script is tied to this script. It uses preferably one network when available. Otherwise it is forced to switch to the other.
January 2nd, 2008 at 12:00 pm
Hey, great article. I’ve been looking for something that describes a current linux distro and all the other guides I’ve found so far are from 2004 or before or guides that only describe theory.
Great if you want to pass a test, waste of time if you’re just trying to get something working.
Thanks a ton!
January 9th, 2008 at 12:43 am
Excellent work Angsuman,
You did really well but I feel there is a need to mention how to check whether it's working or not. I mean, can you please describe the way through which we check whether load balancing is working or not.
Thanks A lot
Regards,
Aatif
January 11th, 2008 at 7:49 am
Antonio,
You could use fwmark for this purpose with some trickery at the routing tables.
http://lartc.org/ might point you out how to use packet marking with the routing tables; Specifically this page: http://lartc.org/howto/lartc.netfilter.html
Hope it helps you
March 19th, 2008 at 7:10 am
hiii
I am rajjayswal from Mumbai
how to set up load balance with internet cash in Linux
pls help me …
April 11th, 2008 at 11:43 am
This works like a charm!
Also I made an improvement to the script to have email notification where an interface is up or down.
The command that I use 3 times before "ip route replace…bla..bla" is:
printf "WAN Conection $NAME1 is UP!" | mail -r linux-host@localdomain.com -s "WAN $NAME1 is UP!" $EMAILTO
Regards from Argentina!
P.D: You can use a flag to avoid notification when the script runs for the first time
April 11th, 2008 at 11:45 am
hehe.. I forgot global $EMAILTO
EMAILTO="youremail@yourdomain.com"
May 6th, 2008 at 3:58 am
Hai
Thank you for the script
My one question:
Presently we are using TATA. If it goes down, it has to change to BSNL automatically. What changes do I need to make to the script, and how can I check which connection it is working from?
I am new to this field. Please help me out with this
Please
Thanks in advance
Regards
Veena
May 6th, 2008 at 7:52 am
[...] read the original article - How To: Load Balancing & Failover With Dual/ Multi WAN / ADSL / Cable Connections on Linux. It contains detailed information with a sample script. Viliam Kočinský modified my script to [...]
May 7th, 2008 at 10:22 pm
Hi!
Hope you can help. I need to load-balance 8 x ADSL lines with fail-over(if a line goes dead, the route needs to be disabled & enabled again when it comes back on) I also need to be notified via email if a line goes down.
How can I do that? I'm new to Linux, and have no scripting experience.
Thanks in advance
Regards
Theuns
May 29th, 2008 at 1:10 pm
Hi…. i’ve come know this website through google
My question is How can i add two gateways in Local LAN settings???? As in first Gateway is my Internet Gateway and second my exchange server.
June 24th, 2008 at 2:44 am
[...] 4250 for over 1 Mbps download and 512 Kbps upload bandwidth. I have used the two connections to get reliable broadband at a fraction of the cost of leased [...]
July 11th, 2008 at 9:04 am
Where are routes stored really? In clients computers or in the server acting as a load-balancing router?
In case routes are stored on client machines, route based load balancing would help much in case one of the lines fails right?
What would you recommend to obtain fail-over plus load balancing?
Thanks for your great script, it’s well written and easy to understand.
July 11th, 2008 at 7:13 pm
The routes are stored in the server. It does the load balancing for all. You can also assign specific routes to particular client machines or for particular target machines on the load balancing server or even assign particular load balancing strategies.
> What would you recommend to obtain fail-over plus load balancing?
As I used - shorewall with script based load balancing and failover on a Linux system as I explained above.
July 25th, 2008 at 6:29 am
can any one provide script that ping the http://www.yahoo.com and set values (variables)
or can anyone provide complete script that is working somewhere.
thanks in advance
July 25th, 2008 at 8:58 pm
I have provided the full script in the article above.
August 3rd, 2008 at 11:01 pm
Sorry for the question, I’m new to Linux and I can’t figure out how I’m supposed to link this load balancer with my network in order to work?
Do I need an extra ethernet?
And what am I going to set up in the client PCs?
Please help me…..
August 3rd, 2008 at 11:03 pm
Please help, new to Linux……
How am I supposed to link this load balancer with my network?
And what are the settings I have to do on the client PCs?
August 3rd, 2008 at 11:05 pm
How am I supposed to link this load balancer with my network and what settings do I have to do on the client PCs…..?
Please help, new to Linux
August 11th, 2008 at 5:39 am
Excellent article, which explains LB and Failover using iproute2 commands.
September 12th, 2008 at 7:46 am
We installed a Peplink at our company and it did not help with VoIP because the bandwidth was very slow.
We are looking at other load balancing and failover for VoIP and internet. Please could you let me know about
xroad network
xrio ubm
ande lfiq
Thank you for any assistance
September 19th, 2008 at 1:38 am
I want something like this.
10.0.0.0/24
10.1.0.0/24
10.2.0.0/24
go from gateway 1 and
10.3.0.0/24
10.4.0.0/24
10.5.0.0/24
go from gateway 2
What extra entries i need to add please tell.
September 21st, 2008 at 9:38 pm
[...] currently have 1Mbps connection from Tata Indicom & 256Kbps connection from BSNL, both broadband connections are load balanced with fail-over for reliability and greater effective bandwid…. I am planning to add a third connection, preferably Airtel [...]
September 24th, 2008 at 4:37 am
hi,
I have a question: how many network cards do you have in the computer? In your code you only mentioned 2 interfaces on which you are getting the Internet, but what about the other LAN computers, how will they get internet?
waiting for your reply.
thanks in advance.
September 24th, 2008 at 12:36 pm
3 Cards - 2 for different wan / internet connections and one for intranet.
October 7th, 2008 at 8:26 am
[...] I installed two links + an internal network using this tutorial here: How To: Load Balancing & Failover With Dual/ Multi WAN / ADSL / Cable Connections on Linux. It worked perfectly and doesn't even need rules [...]
October 13th, 2008 at 7:55 am
Great Script Angsuman, great work!
I have one issue though: whenever some clients try to access online banking they get disconnected because the internet IP has changed. I read that you have another script for preferential routing, could you provide it to us? Or shed some light on what to do in this case.
Thanks in advance.
October 13th, 2008 at 6:58 pm
Daniel,
You can just hardcode routes for certain destination ip addresses using ip route.
October 16th, 2008 at 9:39 pm
How can i share the connection locally.
I also have 2 ISP and 3 NICs
I want to share the connection in our LAN side
could you provide a different procedure for that.
Thanks in advance.
October 17th, 2008 at 5:46 am
Sorry, I did not quite understand the implication of the following line in the load balancing part
ip route add default scope global nexthop via 192.168.1.1 dev eth1 weight 1 nexthop via 192.168.0.1 dev eth2 weight 4
I understand it is doing the load balancing - but which table do these entry go into - the main route table ? what does scope global and nexthop do ? and what does src imply in the above commands ?
thanks in advance
October 17th, 2008 at 7:59 pm
Please refer to routing documentation for details.
October 21st, 2008 at 8:23 am
Hi,
[........]
# Do not change anything below this line
LLS1=1
LLS2=1
# Last ping status. Don’t change these values.
LPS1=1
LPS2=1
……….
if [[ $CLS1 -eq 0 || $CLS2 -eq 0 ]]; then
if [[ $LLS1 -eq 1 && $LLS2 -eq 0 ]]; then
echo Switching to $NAME2
ip route replace default scope global via $GW2 dev $EXTIF2
……..
fi
sleep $SLEEPTIME
done
[.............]
Kindly please let me know how the values of the variables CLS1, CLS2, LPS1, LPS2, etc. are changing in the script……
October 21st, 2008 at 9:13 am
Hello, I set up a site with this config and it works perfectly with two different providers. The only thing I needed to change is the TESTIP address, when using a domain name as http://www.yahoo.com, I realized that when you ping you control the interface for the ICMP message but not for the DNS query. That is a problem since you might end up with a non response even when your interface is working.
Anyhow, easy fix, use IP address instead of the domain name.
October 21st, 2008 at 9:15 am
Marc,
That is correct. I don’t face the problem because I run a local caching DNS server (named service on Linux).
BTW: I use IP address of one of my dedicated server. We can also load-balance the IP for better reliability.
October 27th, 2008 at 3:17 am
Hi,
Does Load Balancing/Fail over scripts work on proxy enabled host?
October 28th, 2008 at 7:28 am
Why?
ip route add default scope global nexthop via 192.168.1.1 dev eth1 weight 1 nexthop via 192.168.2.1 dev eth2 weight 1
Error “RTNETLINK answers: Invalid argument”
October 31st, 2008 at 7:39 am
Hello Angsuman,
got here from google link and found your script useful.
I also added the DNS and the mail servers of each provider in the custom tables, because usually the providers don’t recursively look up DNS queries if the IP doesn’t belong to them, and they don’t relay mail from IPs other than theirs.
ip route add to 194.219.227.2/32 via $P1 table $T1
November 5th, 2008 at 4:10 pm
Hi Angsuman,
First of all, really nice howto on load balancing + failover. I have been doing almost the same thing for my ISP employer. I would like to share my experience.
1)
I split the traffic based on destination ports, i.e. web traffic go through ISP2 and the rest through ISP1. For those who want to implement this, use iptables combined with ip:
iptables -A PREROUTING -t mangle -i ${LAN_IFACE} -p tcp --dport 80 -j MARK --set-mark 2
iptables -A PREROUTING -t mangle -i ${LAN_IFACE} -p tcp --dport 443 -j MARK --set-mark 2
ip rule add from all fwmark 2 table ISP2
2) The router that I worked on comes with a lower version of ip package and certain ip commands such as “ip route replace” will not work therefore I had to manually flush the routing tables and add back whatever is needed when routes need to be changed: ( I wish I could upgrade the ip package but the system is old and there’s not even space to install gcc )
ip route flush table ISP1 > /dev/null 2>&1
ip route flush table ISP2 > /dev/null 2>&1
ip route add …
ip rule add …
3) Network detection: I don’t feel it’s a good idea to ping the same IP address every 40 seconds, therefore I use a pool of fixed IPs (all Google’s plus one from Yahoo) and ping them randomly.
4)I also wrap up the ping operation in a function like this:
#!/bin/bash
#check_net $count $interval $timeout $ip
check_net() {
# ping's exit status (0 = a reply was received) is the function's return value
ping -c "$1" -i "$2" -w "$3" "$4" > /dev/null 2>&1
}
#usage examples:
check_net 1 1 1 123.123.123.123 && echo "123.123.123.123 ping good" || echo "123.123.123.123 ping failed"
check_net 1 1 1 127.0.0.1 && echo "127.0.0.1 ping good" || echo "127.0.0.1 ping failed"
The reason I’m doing this is I can use check_net like this
check_net 1 1 1 $ip_to_check || check_net 5 2 10 $ip_to_check || { do_something; do_another_thing; }
Basically it reads: I just try to ping $ip_to_check 1 package with 1 sec interval and 1 sec timeout, if it’s good, carry on, if not, increase the count to 5 and interval to 2 sec, timeout to 10 secs, if still not good, run the scripts inside { }
November 5th, 2008 at 8:43 pm
Hi rc3,
Thanks for sharing it with our readers. This is very useful.
November 11th, 2008 at 3:22 am
Guys, you can add the time to the output, just add
`date +%H:%M:%S`" >> " ….
at every echo.
So the original echo $NAME1 down will be like this
echo `date +%H:%M:%S`" >> "$NAME1 down
This way, you can know when the line was down.
Hope this helps.
November 11th, 2008 at 8:46 pm
Thanks Sehat for the tip.
November 15th, 2008 at 6:34 am
When I use gwping and the configuration described here, I notice that intermittently my network becomes very slow in responding to requests from clients. Finally, I figured out that it’s because, when Linux switches the line, it seems that the cached route is not switched, and this makes the line become slow.
To overcome this problem I add “ip route flush cache” at the end of the script where the default route is changed.
Take a look at this snippet, and you’ll know where I mean.
if [[ $CLS1 -eq 0 || $CLS2 -eq 0 ]]; then
if [[ $LLS1 -eq 1 && $LLS2 -eq 0 ]]; then
echo `date +%x--%X`" >> "Switching to $NAME2
ip route replace default scope global via $GW2 dev $EXTIF2
elif [[ $LLS1 -eq 0 && $LLS2 -eq 1 ]]; then
echo `date +%x--%X`" >> "Switching to $NAME1
ip route replace default scope global via $GW1 dev $EXTIF1
elif [[ $LLS1 -eq 0 && $LLS2 -eq 0 ]]; then
echo `date +%x--%X`" >> "Restoring default load balancing
ip route replace default scope global nexthop via $GW1 dev $EXTIF1 weight $W1 nexthop via $GW2 dev $EXTIF2 weight $W2
fi
ip route flush cache
fi
@Angsuman: What do you think about my assumption? Is it possible? Because I’m still a Linux newbie.
November 15th, 2008 at 7:34 pm
Adding a flush cache is fine
December 3rd, 2008 at 3:35 pm
Hi Angsuman
I have checked the above without the gwping script. It is working fine, but the problem is the fail-over time is very high (around one to two minutes). We are developing a mission-critical system with a fail-over time in sub-seconds, at least 1 sec. So is it possible to get that?
December 11th, 2008 at 3:46 am
Hi
My ISP deny icmp so can replace ping to tcping?
Please help me
Please
December 17th, 2008 at 2:01 pm
Hi… I just followed the instructions here… and it works partially for me.
After a few hours, or randomly, the computers connected to the LAN can’t access the internet anymore, but the router can. I don’t know what’s happening… maybe something is wrong the first lines of the rc.local (ip forward and masquerade, shown below)
Anyone can help me? Thanks in advance.
My /etc/rc.local file:
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
ip route add 192.168.251.0/24 dev eth1 src 192.168.251.1 table GVT
ip route add default via 192.168.251.254 table GVT
ip route add 192.168.252.0/24 dev eth2 src 192.168.252.1 table BRT
ip route add default via 192.168.252.254 table BRT
ip rule add from 192.168.251.1 table GVT
ip rule add from 192.168.252.1 table BRT
ip route add default scope global nexthop via 192.168.251.254 dev eth1 weight 1 nexthop via 192.168.252.254 dev eth2 weight 2
nohup /usr/sbin/gwping &
exit 0
And my /etc/network/interfaces file:
# The loopback network interface
auto lo
iface lo inet loopback
# LAN interface
auto eth0
iface eth0 inet static
address 192.168.1.99
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.0
#GVT
auto eth1
iface eth1 inet static
address 192.168.251.1
netmask 255.255.255.0
broadcast 192.168.251.255
network 192.168.251.0
#BRASIL TELECOM
auto eth2
iface eth2 inet static
address 192.168.252.1
netmask 255.255.255.0
broadcast 192.168.252.255
network 192.168.252.0
December 18th, 2008 at 7:38 am
Also, if the first connection (eth1) is the only one UP, everything works with no problems at all. But if the second connection (eth2) is the only one up, the internet connection on LAN computers doesn’t work, but in the server it does.
Maybe there is something with dns also. In the /etc/resolv.conf I have to put “nameserver 192.168.252.254″ for the BRT (eth2) connection to work and resolve names, otherwise it won’t work (i tried opendns servers, and they work for the eth1 connection).
I only use dnsmasq with the default configuration (i don’t have bind9 installed).
Just to mention, the connections are from two different ISPs, they are ADSL (1 Mega for eth1 and 2 Mega for eth2), and I am in Brazil. The modems are exactly the same model with the same configuration. The eth1 connection has dynamic ip while the eth2 connection has static ip.
Any clues? Thanks!
January 15th, 2009 at 5:31 pm
There are commercial solutions to this problem as well. I work for a company that makes a product that load balances up to 12 lines. It’s not cheap but it is robust and intelligent as we’ve been at it for 10+ years now. Just want to throw that out there.
February 18th, 2009 at 8:27 am
Hi, greetings,
came from Google, your article is very helpful,
thank you very much.
February 18th, 2009 at 11:36 am
Hi Angsuman,
“fail-over over multiple load balanced ADSL/Cable connections” (gwping) script you have given only about 2 ISP’s. How can i change that script for 3 ISP’s?
can you pls help me out.
Thanks in advance.
February 20th, 2009 at 5:30 pm
Thank you for sharing your experience with others. I am working in Africa, where the Internet connections are not always easy to manage, and your information helped me a lot.
Martin
February 24th, 2009 at 4:53 am
Great job.
I would like to implement it with 3 ISPs. How can it be done?
Thanks in advance.
February 28th, 2009 at 6:18 pm
Who wants to mess with his kernel and deal with complex and poorly documented solutions, or even to fork out some big buck$ to solve this problem, when it can be done, as you presented here, with a smart little bash script on a linux box?
After reading all the clutter floating around the internet about how to LB (and there’s a lot) I can only say that this is a simple yet powerful solution.
Thank you for showing the way.
March 10th, 2009 at 2:05 am
Hey. I accomplished to setup a load balancing between two interfaces too, made firewall rules, etc. and it all works pretty fine, except of one fact, which I’d like to share with you to see if somebody had the same problem.
So, I load-balance with the same ip route commands that Angsuman showed above, except that my ISP speeds are the same, so I use a ‘weight 1′ twice. Now, every once in a while it happens that a user (FYI: we have about 20-25 users) gets stuck while browsing the web. Once you hit refresh the site will be loaded though. It’s not bound to certain sites, it happens randomly. I suspect my DNS setup, but the fact that I use a non-authoritative DNS (forward only) makes me think it’s another problem. Did anybody experience similar problems and if yes, how did you fix it? Any help is very appreciated.
Thanks, Daniel
(and thanks angsuman for your contribution to this topic)
March 30th, 2009 at 8:16 pm
Hi,
Excellent How To. I’m using it with Shorewall and it works fine, but I have one question: if I have a service which is reached from the outside, for example a security IP camera, how can I ensure that this camera will be reached from only 1 of my 2 IP addresses?
Thanks,
Walter
July 1st, 2009 at 12:25 pm
Could you please tell me how to test whether our Linux box is acting as a load balancing server or not? Although I use the traceroute command, the output does not show multiple paths.