This article presents a straightforward approach to Dual WAN configuration with Linux (using multiple independent internet connections on one system). While the examples provided are for multiple ethernet connections, they could easily apply to a mixed ethernet/wireless system with some minor changes.
Requirements
- PC or router running GNU/Linux (tested on Debian/Ubuntu/Gentoo)
- Multiple WAN Connections, either from the same ISP or different ones
- A dedicated ethernet adapter for each connection.
Assumptions
Configuration of your interfaces is outside the scope of this guide. It assumes that you have multiple network connections connected and configured (being a dual WAN guide, this should make sense). Preset IP addresses are also assumed (either static IPs or a predictable DHCP setup, such as one that assigns a consistent IP to a given MAC address).
The interfaces must also be active (not stopped). Thanks to Mickael Maddison for pointing out that I hadn’t mentioned that.
Example Setup
In this example, I have a 15MBit Cable connection via Shaw on eth1, and a 25MBit VDSL connection via TELUS on eth2.
- eth1 – IP 192.168.254.100 / Gateway 192.168.254.1
- eth2 – IP 192.168.1.100 / Gateway 192.168.1.254
Simple Configuration
First, we need to add two lines to /etc/iproute2/rt_tables:
1 Shaw
2 TELUS
And then set up the routing for those tables.
# ip route add 192.168.254.0/24 dev eth1 src 192.168.254.100 table Shaw
# ip route add default via 192.168.254.1 table Shaw
# ip route add 192.168.1.0/24 dev eth2 src 192.168.1.100 table TELUS
# ip route add default via 192.168.1.254 table TELUS
# ip rule add from 192.168.254.100 table Shaw
# ip rule add from 192.168.1.100 table TELUS
Set up evenly weighted round-robin routing for the interfaces.
# ip route add default scope global nexthop via 192.168.254.1 dev eth1 weight 1 nexthop via 192.168.1.254 dev eth2 weight 1
The concepts outlined here also work for dual WAN configurations using virtual interfaces (aliases). This allows us to configure multiple IPs on a single interface. While this doesn’t have a lot of practical advantages for desktop users, there is significant value for servers. Thanks to Mickael Maddison for testing this.
Keep in mind that multiple virtual interfaces would still be a single physical connection though, so the maximum throughput would stay the same. This could also be used to allow a single ethernet card to span multiple subnets.
Fixes and workarounds
In the event that you receive a “RTNETLINK answers: File exists” error, replace the last entry with…
# ip route append default scope global nexthop via 192.168.254.1 dev eth1 weight 1 nexthop via 192.168.1.254 dev eth2 weight 1
Then remove the earlier route:
# ip route del
Alternatively, omitting both
# ip route add default via 192.168.254.1 table Shaw
# ip route add default via 192.168.1.254 table TELUS
should prevent this as well.
Slightly more complex configurations
In addition to the basic setup here, we can weight the interfaces differently, to favour one over the other (useful if one is a larger pipe, as in my setup here).
# ip route append default scope global nexthop via 192.168.254.1 dev eth1 weight 2 nexthop via 192.168.1.254 dev eth2 weight 3
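The per-table routes, source rules and weighted multipath default from the sections above, collected into one generator. This is an added example, not part of the original article: the function name gen_dual_wan and the UPLINKS layout are made up for illustration, and it swaps the article's add/append for `ip route replace`, which overwrites an existing entry instead of failing with "File exists". It only prints the commands, so the result can be reviewed before anything touches the routing table.

```shell
#!/bin/sh
# Added example (not from the original article): prints, but does not run,
# the ip commands for a weighted multi-WAN setup.
# Assumes the table names already exist in /etc/iproute2/rt_tables.
# One uplink per line: table device local-ip subnet gateway weight
# (addresses are the article's example values; weights from the 2:3 example).
UPLINKS='Shaw eth1 192.168.254.100 192.168.254.0/24 192.168.254.1 2
TELUS eth2 192.168.1.100 192.168.1.0/24 192.168.1.254 3'

gen_dual_wan() {
    nexthops=''
    while read -r table dev ip net gw weight; do
        [ -n "$table" ] || continue            # skip blank lines
        # Refuse rows with a missing or non-numeric weight instead of
        # emitting a multipath route the kernel would reject.
        case "$weight" in
            ''|*[!0-9]*) echo "bad uplink row: $table" >&2; return 1 ;;
        esac
        # Per-uplink table: connected subnet plus that uplink's gateway.
        echo "ip route replace $net dev $dev src $ip table $table"
        echo "ip route replace default via $gw dev $dev table $table"
        # Replies sourced from this uplink's address leave through its table.
        # Delete first so re-running does not stack duplicate rules.
        echo "ip rule del from $ip table $table 2>/dev/null || true"
        echo "ip rule add from $ip table $table"
        nexthops="$nexthops nexthop via $gw dev $dev weight $weight"
    done <<EOF
$1
EOF
    [ -n "$nexthops" ] || { echo "no uplinks given" >&2; return 1; }
    # One multipath default in the main table, weighted per uplink.
    echo "ip route replace default scope global$nexthops"
}

gen_dual_wan "$UPLINKS"
```

After checking the printed commands against `ip route show` and `ip rule show`, they can be piped into `sh` as root.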
In the case of IP-bound services (example: a GigaNews account, which does not allow simultaneous connections from different IPs), a static route is simple to configure:
# ip route add 216.196.97.131 via 192.168.1.254
If one of your ISPs blocks DNS queries from non-subscribers, then you will need to make sure that your primary DNS server is ISP-agnostic. Google Public DNS is a great solution for this. Add the following entries to /etc/resolv.conf:
nameserver 8.8.8.8
nameserver 8.8.4.4
Sources
- http://lartc.org/howto/lartc.rpdb.multiple-links.html
- http://www.linuxquestions.org/linux/answers/Networking/Spanning_Multiple_DSLs
- http://mailman.icsi.berkeley.edu/pipermail/xorp-users/2004-October/000266.html
Copyright secured by Digiprove © 2011 Chris Olstrom

nice, my server is 2x1gbit and I think I need to configure the load balancing myself so this should come in handy
NO DNS, ping = connect: Network is unreachable
—rt_tables file
#added these two
200 uplink1
201 uplink2
—resolv.conf file
#router ip's for DNS servers
nameserver 192.168.1.1
nameserver 192.168.0.1
—interfaces file
auto eth0
iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.0
post-up ip route add 192.168.1.0/24 dev eth0 src 192.168.1.2 table uplink1
post-up ip route add default via 192.168.1.1 table uplink1
post-up ip rule add from 192.168.1.2 table uplink1
post-down ip rule del from 192.168.1.2 table uplink1
auto eth1
iface eth1 inet static
address 192.168.0.3
netmask 255.255.255.0
post-up ip route add 192.168.0.0/24 dev eth1 src 192.168.0.3 table uplink2
post-up ip route add default via 192.168.0.1 table uplink2
post-up ip rule add from 192.168.0.3 table uplink2
post-down ip rule del from 192.168.0.3 table uplink2
ip route add default scope global nexthop via 192.168.1.1 dev eth0 weight 1 nexthop via 192.168.0.1 dev eth1 weight 1
The problem seems to be in your /etc/resolv.conf file. You may need to use an ISP or interface-neutral DNS service (such as OpenDNS). What is (likely) happening is that your primary DNS entry is 192.168.1.1, and when queries are sent from the interface on 192.168.0.0/24, it fails due to a subnet mismatch. Depending on your network setup, you may be able to resolve this with a different subnet (/16 would be the catch-all variant, but is likely broader than appropriate).
Try setting your /etc/resolv.conf to use Google’s Public DNS (8.8.4.4 and 8.8.8.8) or OpenDNS (208.67.222.222 and 208.67.220.220), and see if that helps.
You might be correct on the larger subnet. I noticed that none of my pings (IP address) work either, unless they are internal to the lan. I added a gateway to my first nic and … all is good! Thanks a lot for the help!
Glad to hear everything worked out well for you!