How To: Load Balancing & Failover With Dual/ Multi WAN / ADSL / Cable Connections on Linux
In many location, including but definitely not limited to India, single ADSL / Cable connections can be unreliable and also may not provide sufficient bandwidth for your purposes. One way to increase reliability and bandwidth of your internet connection is to distribute the load (load balancing) using multiple connections. It is also imperative to have transparent fail-over so routes are automatically adjusted depending on the availability of the connections. With load balancing and fail-over you can have reliable connectivity over two or more unreliable broadband connections (like BSNL or Tata Indicom in India). I present you with the simplest solution to a complex problem with live examples.
Note: Load balancing doesn't increase connection speed for a single connection. Its benefits are realized over multiple connections like in an office environment. The benefits of fail-over are however realized even in a single user environment.
The load balancing mechanism, to be discussed with example below, in Linux caches routes and doesn't provide transparent fail-over support. There are two solutions to incorporate transparent fail over - 1. compiling and using a custom Linux kernel with Julian Anastasov's kernel patches for dead gateway detection or 2. user space script to monitor connections and dynamically change routing information.
Julian Anastasov's patches have two problems:
1. They work only when the first hop gateway is down. In many cases, including ours, the first hop gateway is the adsl modem cum router which is always up. So we need a more robust solution for our purposes.
2. You have to compile a custom kernel with patches. This is somewhat complex procedure with reasonable chances of screwing up something. It also forces you to re-patch the kernel every time you decide to update your kernel. Overall I wouldn't recommend anyone going for kernel patching route unless that is the only option. Also in that case you should look for a rpm based solution (like livna rpm for nVidia drivers) which does it automatically for you.
A better solution is to use a userspace program which monitors your connection and updates routes as necessary. I will provide a script which we use to constantly monitor our connections. It provides transparent fail over support with two ADSL connections. It is fully configurable and can be used for any standard dual ADSL / Cable connections to provide transparent fail over support. It can also be easily modified to use for more than two connections. You can also use it to log uptime / downtime of your connections like we did.
Let's first discuss load balancing with two ADSL / Cable connections and then we will see how to provide transparent fail-over support. The ideas and script provided here can be easily used for more than two connections with minor modifications.
Requirements for Load Balancing multiple ADSL / Cable Connections
1. Obviously you need to have multiple (A)DSL or Cable connections in the first place. Login as root for this job.
2. Find out the LAN / internal IP address of the modems. They may be same like 1921.168.1.1.
Check if the internal / LAN IP address of both (or multiple) modems are same. In that use the web / telnet interface of the modems to configure one of the modems to have a different internal IP address preferably in different networks like 192.168.0.1 or 192.168.2.1 etc. If you are using multiple modems then you should configure each of them to have different subnets. This is important because now you can easily access the different modems from their web interface and you don't have to bother connecting to a modem through a particular interface. It is also important because now you can easily configure the interfaces to be associated with different netmasks / sub-network.
3. Connect each modem to the computer using a different interface (eth0, eth1 etc.). You may be able to use the same interface but this guide doesn't cover that. In short you will make your life complicated using the same interface or even different virtual interface. My recommendation is that you should use one interface per modem. Don't scrimp on cheap ethernet adapters. This has the added benefit of redundancy should one adapter go bad down the road.
4. Configure the IP address of each interface to be in the same sub-network as the modem. For example my modems have IP addresses of 192.168.0.1 and 192.168.1.1. The corresponding addresses & netmasks of the interfaces are: 192.168.0.10 (netmask: 255.255.255.0) and 192.168.1.10 (netmask: 255.255.255.0).
5. Find out the following information before you proceed with the rest of the guide:
- IP address of external interfaces (interfaces connected to your modems). This is not the gateway address.
- Gateway IP address of each broadband connections. This is the first hop gateway, could be your DSL modem IP address if it has been configured as the gateway following the tip below.
- Name, IP address & netmask of external interfaces like eth1, eth2 etc. My external interfaces are eth1 & eth2.
- Relative weights you want to assign to each connection. My Tata connection is 4 times faster than BSNL connection. So I assign the weight of 4 to Tata and 1 to BSNL. You must use low positive integer values for weights. For same connection speeds weights of 1 & 1 are appropriate. The weights determine how the load is balanced across multiple connections. In my case Tata is 4 times as likely to be used as route for a particular site in comparison with BSNL.
Note: Refer to Netmask guide for details on netmasks.
Optional step
Check the tips on configuring (A)DSL modems. They are not required for using this guide. However they are beneficial in maximizing your benefits.
How to setup default load balancing for multiple ADSL / Cable connections
Unlike other guides on this topic I will use a real example - the configuration on our internal network. So to begin with here are the basic data for my network:
#IP address of external interfaces. This is not the gateway address.
IP1=192.168.1.10
IP2=192.168.0.10#Gateway IP addresses. This is the first (hop) gateway, could be your router IP
#address if it has been configured as the gateway
GW1=192.168.1.1
GW2=192.168.0.1# Relative weights of routes. Keep this to a low integer value. I am using 4
# for TATA connection because it is 4 times faster
W1=1
W2=4# Broadband providers name; use your own names here.
NAME1=bsnl
NAME2=tata
You must change the example below to use your own IP addresses and other details. Even with that inconvenience a real example is much easier to understand than examples with complex notations. The example given below is copy-pasted from our intranet configuration. It works perfectly as advertised.
Note: In this step fail-over is not addressed. It is provided later with a script which runs on startup.
First you need to create two (or more) routes in the routing table ( /etc/iproute2/rt_tables ). Open the file and make changes similar to what is show below. I added the following for my two connections:
1 bsnl
2 tata
To add a default load balancing route for our outgoing traffic using our dual internet connections (ADSL broadband connections from BSNL & Tata Indicom) here are the lines I included in rc.local file:
ip route add 192.168.1.0/24 dev eth1 src 192.168.1.10 table bsnl
ip route add default via 192.168.1.1 table bsnl
ip route add 192.168.0.0/24 dev eth2 src 192.168.0.10 table tata
ip route add default via 192.168.0.1 table tata
ip rule add from 192.168.1.10 table bsnl
ip rule add from 192.168.0.10 table tata
ip route add default scope global nexthop via 192.168.1.1 dev eth1 weight 1 nexthop via 192.168.0.1 dev eth2 weight 4
Adding them to rc.local ensures that they are execute automatically on startup. You can also run them manually from the command line.
This completes the load balancing part. Let's now see how we can achieve fail-over so the routes are automatically changed when one or more connections are down and then changed again when one or more more connections come back up again. To do this magic I used a script.
How to setup fail-over over multiple load balanced ADSL / Cable connections
Please follow the steps below and preferably in the same order:
- First download the script which checks for and provides fail-over over dual ADSL / Cable internet connections and save it to /usr/sbin directory (or any other directory which is mounted available while loading the OS).
- Change the file permissions to 755:
chmod 755 /usr/sbin/gwping - Open the file (as root) in an editor like vi or gedit and edit the following parameters for your environment:
#IP Address or domain name to ping. The script relies on the domain being pingable and always available
TESTIP=www.yahoo.com#Ping timeout in seconds
TIMEOUT=2# External interfaces
EXTIF1=eth1
EXTIF2=eth2#IP address of external interfaces. This is not the gateway address.
IP1=192.168.1.10
IP2=192.168.0.10#Gateway IP addresses. This is the first (hop) gateway, could be your router IP
#address if it has been configured as the gateway
GW1=192.168.1.1
GW2=192.168.0.1# Relative weights of routes. Keep this to a low integer value. I am using 4
# for TATA connection because it is 4 times faster
W1=1
W2=4# Broadband providers name; use your own names here.
NAME1=BSNL
NAME2=TATA#No of repeats of success or failure before changing status of connection
SUCCESSREPEATCOUNT=4
FAILUREREPEATCOUNT=1Note: Four consecutive success indicates that the gateway is up and one (consecutive) failure indicates that the gateway went down for my environment. You may want to modify it to better match your environment.
- Add the following line to the end of /etc/rc.local file:
nohup /usr/sbin/gwping &
In the end my /etc/rc.local file has the following lines added in total:
ip route add 192.168.1.0/24 dev eth1 src 192.168.1.10 table bsnl
ip route add default via 192.168.1.1 table bsnl
ip route add 192.168.0.0/24 dev eth2 src 192.168.0.10 table tata
ip route add default via 192.168.0.1 table tata
ip rule add from 192.168.1.10 table bsnl
ip rule add from 192.168.0.10 table tata
ip route add default scope global nexthop via 192.168.1.1 dev eth1 weight 1 nexthop via 192.168.0.1 dev eth2 weight 4
nohup /usr/sbin/gwping &
An astute reader may note that the default setup with dual load balanced routing (7th line) is really not required as the script is configured to force routing based on the current status the very first time. However it is there to ensure proper routing before the script forces the routing for the first time which is about 40 seconds in my setup (can you tell why it takes 40 second for the first time?).
Concluding thoughts
In the process of finding and coding the simple solution above, I read several documents on routing including the famous lartc how-to (many of whose commands didn't work as described on my Fedora Core system) & nano.txt among several others. I think I have described the simplest possible solution for load balancing and transparent failover of two or more DSL / Cable connections from one or more providers where channel bonding is not provided upstream (requires cooperation from one or more DSL providers); which is the most common scenario. I would welcome suggestions and improvements to this document.
The solution has been well tested in multiple real and artificial load condition and works extremely well with users never realizing when a connection went down or came back up again.
Networking is a complex thing and it is conceivable that you may run into issues not covered here. Feel free to post your problems and solutions here. However, while I would like to, I will not be able to debug and solve individual problems due to time constraints.
I may however be able to offer useful suggestions to your unique problems. It may however be noted that I respond well to Café Estima Blend™ by Starbucks and move much quicker on my todo list. It is also great as a token of appreciation for my hard work. The "velvety smooth and balanced with a roasty-sweet flavor this blend of coffees is a product of the relationships formed between" us.
In a followup article I discussed how to configure single / dual / multiple ADSL / cable connections, firewall, gateway / NAT With Shorewall Firewall.
Filed under Computer Security, Fedora 7, Fedora Core 6, Headline News, How To, Linux, Linux Migration, Tech Note, Web | 
| 
RSS 2.0 |
Trackback this Article
| 
Email this Article
You may also like to read |
October 25th, 2007 at 5:59 am
Hello,
I came here from Google.
I’m trying to do something like this here in my office.
The load balance and the fail over are OK, but there’s something that gonna make me crazy!
Here, we use Skype a lot, and other programs that need a continuos connection, such VPN’s and SSH, and a ERP called Microsiga (We have other office in other city, about 40 Km (25 miles).
Do you have some script that force traffic from such ports to go out ALWAYS with eth2 (like email, skype, our ERP) and use the eth0 for other traffic (http, ftp, etc).
Thanks in advance
October 25th, 2007 at 8:30 am
You can use Shorewall Firewall to do preferential routing.
November 18th, 2007 at 9:10 pm
Yes, I use a script to do preferential routing. The script is tied to this script. It uses preferably one network when available. Otherwise it is forced to switch to the other.
January 2nd, 2008 at 12:00 pm
Hey, great article. I’ve been looking for something that describes a current linux distro and all the other guides I’ve found so far are from 2004 or before or guides that only describe theory.
Great if you want to pass a test, waste of time if you’re just trying to get something working.
Thanks a ton!
January 9th, 2008 at 12:43 am
Excellent work Angsuman,
You did really well but I feel there is need to mention how to check wheather its working or not. I mean can you please describe the way through which we check load balancing is working or not.
Thanks A lot
Regards,
Aatif
January 11th, 2008 at 7:49 am
Antonio,
You could use fwmark for this purpose with some trickering at the routing tables.
http://lartc.org/ might point you out how to use packet marking with the routing tables; Specifically this page: http://lartc.org/howto/lartc.netfilter.html
Hope it helps you
March 19th, 2008 at 7:10 am
hiii
iam rajjayswal form mumbai
how to setup loadblace with internet cash in inux
pls help me …
April 11th, 2008 at 11:43 am
This work like a charm!
Also I made an improvement to scritp to have email notification where an interface is up or down.
The comman that I use 3 times before \”ip route replace…bla..bla\” is:
printf \”WAN Conection $NAME1 is UP!\” | mail -r linux-host@localdomain.com -s \”WAN $NAME1 is UP!\” $EMAILTO
Regards from Argentina!
P.D: You can use a flag to avoid notification when script run for fist time
April 11th, 2008 at 11:45 am
hehe.. I fogot global $EMAILTO
EMAILTO=”youremail@yourdomain.com”
May 6th, 2008 at 3:58 am
Hai
Thankyou for the script
mine one question-
Presently we are using TATA,If it goes down It has to change into BSNL automaticaly,What changes I need to make for that script and How can I check From which connection It is working.
I am new for this field, Please help me out in this
Please
Thanks in advance
Regards
Veena
May 6th, 2008 at 7:52 am
[...] read the original article - How To: Load Balancing & Failover With Dual/ Multi WAN / ADSL / Cable Connections on Linux. It contains detailed information with a sample script. Viliam Kočinský modified my script to [...]
May 7th, 2008 at 10:22 pm
Hi!
Hope you can help. I need to load-balance 8 x ADSL lines with fail-over(if a line goes dead, the route needs to be disabled & enabled again when it comes back on) I also need to be notified via email if a line goes down.
How can I di that? I`m new to linux, and have no scripting experience.
Thanks in advance
Regards
Theuns
May 29th, 2008 at 1:10 pm
Hi…. i’ve come know this website through google
My question is How can i add two gateways in Local LAN settings???? As in first Gateway is my Internet Gateway and second my exchange server.
June 24th, 2008 at 2:44 am
[...] 4250 for over 1 Mbps download and 512 Kbps upload bandwidth. I have used the two connections to get reliable broadband at a fraction of the cost of leased [...]
July 11th, 2008 at 9:04 am
Where are routes stored really? In clients computers or in the server acting as a load-balancing router?
In case routes are stored on client machines, route based load balancing would help much in case one of the lines fails right?
What would you recomend to obtain fail-over plus load balancing?
Thank’s for your great script, it’s well written and easy to understand.
July 11th, 2008 at 7:13 pm
The routes are stored in the server. It does the load balancing for all. You can also assign specific routes to particular client machines or for particular target machines on the load balancing server or even assign particular load balancing strategies.
> What would you recomend to obtain fail-over plus load balancing?
As I used - shorewall with script based load balancing and failover on a Linux system as I explained above.
July 25th, 2008 at 6:29 am
can any one provide script that ping the http://www.yahoo.com and set values (variables)
or can anyone provide complete script that is working somewhere.
thanks in advance
July 25th, 2008 at 8:58 pm
I have provided the full script in the article above.
August 3rd, 2008 at 11:01 pm
sorry for the question i’m a new in linux and i can’t figure out how i’m supposed to link this load ballancer with my network in order to work?
do i need an extra ethernet ?
and what i’m going to set up in the client pcs?
please hepl me…..
August 3rd, 2008 at 11:03 pm
please help, new in linux……
how i’m supposed to link this load ballancer with my network?
and what are the settings i have to do to the client pcs?
August 3rd, 2008 at 11:05 pm
how i’m supposed to link this load ballancer with my network and what settings i have to do to the client pcs…..?
please help new in linux
August 11th, 2008 at 5:39 am
Excellent article, which explains LB and Failover using iproute2 commands.
September 12th, 2008 at 7:46 am
we installed a peplink with our company and it did not help with voip because the bandwidth was very slow..
we are looking at other load balancing and failover for voip and internet. plese could you let me know about
xroad network
xrio ubm
ande lfiq
thank you for any asistance
September 19th, 2008 at 1:38 am
I want something like this.
10.0.0.0/24
10.1.0.0/24
10.2.0.0/24
go from gateway 1 and
10.3.0.0/24
10.4.0.0/24
10.5.0.0/24
go from gateway 2
What extra entries i need to add please tell.
September 21st, 2008 at 9:38 pm
[...] currently have 1Mbps connection from Tata Indicom & 256Kbps connection from BSNL, both broadband connections are load balanced with fail-over for reliability and greater effective bandwid…. I am planning to add a third connection, preferably Airtel [...]
September 24th, 2008 at 4:37 am
hi,
i have a question hows many Network Cards do you have in computer. in your code u only mentioned 2 Interfaces on which u r getting the Internet but what about the other LAN Computers how they will get internet.
waiting for your reply.
thanks in advance.
September 24th, 2008 at 12:36 pm
3 Cards - 2 for different wan / internet connections and one for intranet.
October 7th, 2008 at 8:26 am
[...] instalei dois links + rede interna usando esse tutorial aqui: How To: Load Balancing & Failover With Dual/ Multi WAN / ADSL / Cable Connections on Linux Funcionou perfeitamente e nem precisa de regras [...]