User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
router:multiisp [2024/02/09 12:44] willyrouter:multiisp [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
Line 1: Line 1:
-====== Dynamic upstream routing ====== 
- 
-Linux has very powerful routing capabilities, and it would be a waste not to leverage them. If you also happen to have two ISPs, you can combine those routing capabilities to obtain an highly resilient and maybe even load-balanced home network. 
- 
-Let's assume you have **two** upstream connections (for example, one could be a cell phone link, only for emergencies) it would be great to be able to: 
-  * Switch between the two ISPs when one goes down 
-  * Route access to specific servers trough ISP1 or ISP2 
-  * Route specific services trough ISP1 or ISP2 
-  * Load-balance your traffic 
- 
-Having two ISPs is important for redundancy. When you start to rely on your home services for your everyday life you want them to be always accessible, so if ISP1 goes down switch to ISP2. 
- 
-If your ISP1 is, for example, much faster **but** with a data-cap, while ISP2 is slower, but with unlimited data? It would be great to route all traffic trough ISP1, but some apps (like //usenet// or //torrent//) trough ISP2... 
- 
-More over, you will want to set-up two SSH tunnels one trough ISP1 and one trough ISP2 so in any case you have remote access. 
- 
-To achieve this you need to operate on two levels: 
-  * At **NAT** level to set specific rules for packet filtering & modification inside the kernel 
-  * At **route** level, because packets **need** to be properly routed outside 
- 
-===== Automatic ISP handoff ===== 
-<WRAP center round todo 60%> 
-TBD 
-</WRAP> 
- 
- 
-===== select ISP based on destination ===== 
- 
-I will assume ISP1 is your **default gateway**, and you can have only one default route. The basic idea is that if i want to reach //external-server1// via ISP2, i need to add one **route** rule //and// one **nft** rule.  
- 
- 
-===== select ISP based on service ===== 
- 
-https://access.redhat.com/sites/default/files/attachments/rh_ip_command_cheatsheet_1214_jcs_print.pdf 
- 
- 
- 
-Make service 1 always go trough ISP2. 
-https://datahacker.blog/industry/technology-menu/networking/routes-and-rules/iproute-and-routing-tables 
- 
-./usr/lib/iproute2/rt_tables 
- 
- 
-<code> 
-ip rule add from xxx lookup service1_table 
-ip rule add uidrange 100-200 lookup service1_table 
-ip route add default via 192.168.1.10 dev xxx table service1_table 
- 
-ip rule list 
-<code> 
-ip netns add test 
- 
-ip link set tun0 netns test 
- 
-ip netns exec test <command to run against that namespace> 
-</code> 
- 
-  631  ip rule add uidrange 398-398 lookup downloaders 
-  632  vi /etc/passwd 
-  633  ip route add default via 192.168.1.254 dev enp59s0u2u4c2 table downloaders 
- 
- 
-==== Automation  ==== 
-[[https://github.com/gardiol/routes-setup.git|routes setup script]] 
- 
- 
-====== All done? ====== 
- 
-Now you can access internet safely from the home network.  
- 
-To learn how to reach the internal server from the **internet**, head to the [[selfhost:ssh_tunnel|SSH tunnel description]] 
- 
- 
  

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information