Re: more than one default gw route
- From: Mike Pontillo <pontillo gmail com>
- To: John Mahoney <jmahoney waav com>
- Cc: networkmanager-list gnome org
- Subject: Re: more than one default gw route
- Date: Tue, 28 Apr 2009 13:52:45 -0700
Right. So that example is a different use case than mine, since it involves two ISPs, two different gateways, etc. Then the problem becomes "which of the two potential gateways that I have is able to access the internet", which is a somewhat harder problem (though not unsolvable). Then you have to start worrying about real <pings | http requests | whatever>, and the resulting potential for DoS. You also have to worry about corporate firewalls, HTTP proxies, etc, or you might start quickly running up the bill on your 3G card.
Mike
On Tue, Apr 28, 2009 at 1:36 PM, John Mahoney
<jmahoney waav com> wrote:
That would be required to have your computer persist active connections from the old interface to the new interface. Eventually, the connections will time out and restart. You're also assuming both connections have MAC addresses; this is not always the case with cell modems using PPP, which would be where fail-over truly becomes very useful. It would be nice to have a data card always on, but only used as a last resort.
--
John
On Tue, Apr 28, 2009 at 4:20 PM, Mike Pontillo
<pontillo gmail com> wrote:
The kind of fail-over detection I was thinking of is focused on the use case of:
(1) a machine with both a wired and wireless connection, on a single network with a single gateway
(2) the user sometimes disconnects the wired connection and takes the laptop somewhere else
For this use case, you would not need any kind of continual ping. (If you were trying to have redundant ISPs, that would be a separate issue.) You would only need ARP to detect if the router is still "up" during a failover. For other use cases, I agree, you wouldn't want to limit yourself to ICMP pings.
I'm still pondering the potential security issues of a setup like this. Someone would have to set up a wireless network to look just like your wired network, and spoof the router MAC. But they wouldn't be able to pass the "bridge test". That is, you could confirm that it is the same network by sending out a packet on one interface and confirming that you receive it on the other.
Mike
On Tue, Apr 28, 2009 at 9:35 AM, John Mahoney
<jmahoney waav com> wrote:
I like the idea of the "MAC-detection or ping functionality". Might I recommend using httping? It tends to appear more friendly to the general public and is less likely to be dropped than a ping by networks.
The method of having multiple default routes with different weights is not the same as having two *active* default routes. If two default routes were active and load balancing was to be performed, it would have to be balanced per (src ip,dest ip) tuple flows so that related connections were not confused.
I would love to see fail-over, as I'm sure many others would.
--
John
On Tue, 2009-04-28 at 17:47 +0200, Nicolò Chieffo wrote:
> So do you confirm that having more than one default route to gateway
> (at the same time) will break things down?
Oh, it won't break things down at all. But the first default route in
the routing table will be the one that gets used for new outgoing
connections. So it's pretty pointless to have more than one at a time.
Only one can truly be the "default" route, and if you have more than
one, the lower-priority ones are more or less ignored by the kernel
entirely.
Dan
> If so, I will wait for a graphic way to disconnect devices separately.
> Is this in your plans?
_______________________________________________
NetworkManager-list mailing list
NetworkManager-list gnome org
http://mail.gnome.org/mailman/listinfo/networkmanager-list
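
The following is an added example, not part of the thread or of NetworkManager: a check that lists every default route on a Linux host and reports which one is preferred and which are shadowed, the situation discussed above for wired, wireless and PPP links. It assumes the `/proc/net/route` column layout and that the kernel prefers the lowest-metric route for a given prefix; the sample table and the function names are constructed for illustration.

```python
import socket
import struct

RTF_UP, RTF_GATEWAY = 0x1, 0x2  # bits in the Flags column

# Constructed sample in /proc/net/route layout: wired eth0, wireless wlan0,
# a PPP cell modem with no gateway address, and one on-link subnet route.
SAMPLE = """\
Iface Destination Gateway  Flags RefCnt Use Metric Mask     MTU Window IRTT
eth0  00000000    0101A8C0 0003  0      0   100    00000000 0   0      0
wlan0 00000000    0101A8C0 0003  0      0   600    00000000 0   0      0
ppp0  00000000    00000000 0001  0      0   700    00000000 0   0      0
eth0  0001A8C0    00000000 0001  0      0   100    00FFFFFF 0   0      0
"""

def hex_to_ip(field):
    """IPv4 addresses in this file are printed as little-endian hex."""
    return socket.inet_ntoa(struct.pack("<L", int(field, 16)))

def default_routes(text):
    """Return (metric, iface, gateway-or-None) for each usable default route."""
    routes = []
    for line in text.splitlines()[1:]:
        f = line.split()
        # A default route has destination 0.0.0.0 and netmask 0.0.0.0.
        if len(f) < 8 or int(f[1], 16) or int(f[7], 16):
            continue
        flags = int(f[3], 16)
        if not flags & RTF_UP:
            continue
        # Point-to-point links (PPP) carry no gateway address.
        gateway = hex_to_ip(f[2]) if flags & RTF_GATEWAY else None
        routes.append((int(f[6]), f[0], gateway))
    return sorted(routes, key=lambda r: r[0])  # lowest metric first

def summarize(text):
    """Return (preferred route, shadowed routes, equal-metric tie flag)."""
    routes = default_routes(text)
    if not routes:
        return None, [], False
    # A tie means the preferred route is not decided by metric alone.
    tie = len(routes) > 1 and routes[1][0] == routes[0][0]
    return routes[0], routes[1:], tie

if __name__ == "__main__":
    preferred, shadowed, tie = summarize(SAMPLE)
    print("preferred:", preferred)
    print("shadowed: ", shadowed)
    print("equal-metric tie:", tie)
```

On a live system, pass the contents of `/proc/net/route` to `summarize()` instead of `SAMPLE`.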