2015-10-11

Dual WAN Load Balancing and Failover with CentOS / Fedora / Red Hat Linux

This article presents a straightforward approach to Dual WAN Load Balancing and Failover with Linux (using multiple independent internet connections on one system). While the examples provided are for multiple ethernet connections, they could easily apply to a mixed ethernet/wireless system with some minor changes.
Note: Load balancing doesn’t increase connection speed for a single connection. Its benefits are realized over multiple connections like in an office environment. The benefits of fail-over are however realized even in a single user environment.
For fail-over, the best approach is to use a user-space script that monitors the connections and changes the routing information dynamically.
The Setup
In this example, I have a 5Mbps cable connection via ROL on eth0 and a 2Mbps ADSL2 connection via Dhiraagu on eth1. My local network is on eth2.
  • eth0 – IP 172.16.0.100 / Gateway 172.16.0.1
  • eth1 – IP 10.1.0.100 / Gateway 10.1.0.1
  • eth2 – IP 192.168.0.1
Configuration
First, we need to add two lines to /etc/iproute2/rt_tables:

1 ROL
2 DHIRAAGU
And then set up the routing for those tables.

ip route add 172.16.0.0/24 dev eth0 src 172.16.0.100 table ROL
ip route add default via 172.16.0.1 table ROL
ip route add 10.1.0.0/24 dev eth1 src 10.1.0.100 table DHIRAAGU
ip route add default via 10.1.0.1 table DHIRAAGU
ip rule add from 172.16.0.100 table ROL
ip rule add from 10.1.0.100 table DHIRAAGU
To divide traffic evenly across both interfaces:
ip route add default scope global nexthop via 172.16.0.1 dev eth0 weight 1 nexthop via 10.1.0.1 dev eth1 weight 1
Alternatively, we can weight the interfaces differently to favour one over the other (useful in my case, because in my scenario the ROL bandwidth is higher than Dhiraagu's):
ip route add default scope global nexthop via 172.16.0.1 dev eth0 weight 2 nexthop via 10.1.0.1 dev eth1 weight 3
In the case of IP-bound services (sites like Bankofmaldives, which do not allow simultaneous connections from different IPs), a static route is simple to configure:
ip route add 123.176.23.68 via 172.16.0.1
If one of your ISPs blocks DNS queries from non-subscribers, then you will need to make sure that your primary DNS server is ISP-agnostic. Google Public DNS is a great solution for this. Add the following entries to /etc/resolv.conf:
nameserver 8.8.8.8
nameserver 8.8.4.4

 

 

To set up fail-over

Download the script, which checks the dual WAN connections and provides fail-over between them, and save it to the /usr/sbin directory (or any other directory that is mounted and available while the OS is loading).
Change the file permissions to 755:
chmod 755 /usr/sbin/gwping
Then open the script in an editor:
nano /usr/sbin/gwping
and change the following settings:
# IP address or domain name to ping. The script relies on the domain being pingable and always available
TESTIP=www.google.com
# Ping timeout in seconds
TIMEOUT=2
# External interfaces
EXTIF1=eth0
EXTIF2=eth1
# IP address of external interfaces. This is not the gateway address.
IP1=172.16.0.100
IP2=10.1.0.100
# Gateway IP addresses. This is the first (hop) gateway, could be your router IP
# address if it has been configured as the gateway
GW1=172.16.0.1
GW2=10.1.0.1
# Relative weights of routes.
W1=1
W2=4
# Broadband providers name; use your own names here.
NAME1=ROL
NAME2=DHIRAAGU
# No of repeats of success or failure before changing status of connection
SUCCESSREPEATCOUNT=4
FAILUREREPEATCOUNT=1
 
Add the following line to the end of the /etc/rc.local file:
nohup /usr/sbin/gwping &
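One way the repeat counts and weights above can drive the routing decision, as an added sketch that is not the downloaded gwping script's own code: with FAILUREREPEATCOUNT=1 a single lost probe takes a link out of the default route, while SUCCESSREPEATCOUNT=4 keeps a flapping link out until it has answered four probes in a row. The function names step, replay and route_cmd are hypothetical, the probe history is constructed, and the script only prints the ip command it would run.

```sh
#!/bin/sh
# Added example; the values below are the settings shown on this page.
GW1=172.16.0.1 EXTIF1=eth0 W1=1
GW2=10.1.0.1   EXTIF2=eth1 W2=4
SUCCESSREPEATCOUNT=4   # good probes needed before a down link is trusted again
FAILUREREPEATCOUNT=1   # bad probes needed before an up link is dropped

# step PROBE: feed one probe result (ok|fail) into STATE (up|down) and STREAK.
# STREAK counts consecutive probes that contradict the current STATE.
step() {
    case "$STATE/$1" in
        up/ok|down/fail) STREAK=0; return ;;   # probe agrees with state
    esac
    STREAK=$((STREAK + 1))
    if [ "$STATE" = up ] && [ "$STREAK" -ge "$FAILUREREPEATCOUNT" ]; then
        STATE=down STREAK=0
    elif [ "$STATE" = down ] && [ "$STREAK" -ge "$SUCCESSREPEATCOUNT" ]; then
        STATE=up STREAK=0
    fi
}

# replay PROBE...: run a probe history against a link that starts up,
# print the final state.
replay() {
    STATE=up STREAK=0
    for probe in "$@"; do step "$probe"; done
    echo "$STATE"
}

# route_cmd STATE1 STATE2: print the default-route command for that combination.
route_cmd() {
    case "$1/$2" in
        up/up)   echo "ip route replace default scope global nexthop via $GW1 dev $EXTIF1 weight $W1 nexthop via $GW2 dev $EXTIF2 weight $W2" ;;
        up/down) echo "ip route replace default scope global via $GW1 dev $EXTIF1" ;;
        down/up) echo "ip route replace default scope global via $GW2 dev $EXTIF2" ;;
        *)       return 1 ;;   # both down: nothing to switch to, keep current route
    esac
}

# Constructed probe history for ROL: one failure, then an interrupted recovery.
rol=$(replay ok fail ok ok fail ok ok ok)
route_cmd "$rol" up   # prints the single-gateway route via DHIRAAGU
```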
