[Firehol-support] Link Balancer - no routing

Christopher Howard christopher at alaskasi.com
Wed Jul 5 19:42:27 BST 2017 

Hi, I am trying to set up a link balancer. I didn't know Firehol /
link-balancer existed until about two days ago, so be patient with me. I
have things configured so it seems like default route(s) are showing up.
When logged into the router, I can ping the Internet fine. However, from
device connected to the LAN port, I receive IP address, and default
route (to link balancer) is showing, but the device cannot ping the
Internet. Presumably it is some problem with the way I have (or haven't)
configured routing.

On balancer box, I have:

file:/etc/network/interfaces
--------
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).G!

source /etc/network/interfaces.d/*

# The loopback network interfacen stopped. Policy is ACCEPT EVERYTHING!
auto lo
iface lo inet loopback

# WAN1 - Left most port
allow-hotplug enp1s0
iface enp1s0 inet dhcp

# WAN2 - 2nd from left
allow-hotplug enp3s0
iface enp3s0 inet dhcp

# WAN3 - 3rd from left
allow-hotplug enp4s0
iface enp4s0 inet dhcp

# LAN1 - 4th from left
allow-hotplug enp2s0
iface enp2s0 inet static
  address 192.168.235.1
  netmask 255.255.255.0
  broadcast 192.168.235.255
  network 192.168.235.0
--------

file:/etc/firehol/firehol.conf
--------
interface any world
        client all accept
        server all accept

connmark 0x1 interface enp1s0
connmark 0x2 interface enp3s0

router lan12wan1 inface enp2s0 outface enp1s0
       server all accept

router lan12wan2 inface enp2s0 outface enp3s0
       server all accept
--------

file:/etc/firehol/link-balancer.conf
--------
LB_DEFAULT_IPV="4"

gateway cable dev enp1s0 gw 192.168.1.1
gateway sat1 dev ensp3s0 gw 192.168.0.1 check 66.82.4.8

table 1
      default via cable

table 2
      default via sat1

table main
      default via cable weight 150
      default via sat1 weight 50

policy
        connmark 0x1 table 1
        connmark 0x2 table 2
--------

Also on balancer box I see:

#
cat /proc/sys/net/ipv4/ip_forward                                                                                                
1

 # ip
route                                                                                                                          
default via 192.168.1.1 dev
enp1s0                                                                                                                            
192.168.0.0/24 dev enp3s0 proto kernel scope link src
192.168.0.5                                                                                             
192.168.1.0/24 dev enp1s0 proto kernel scope link src
192.168.1.12                                                                                            
192.168.235.0/24 dev enp2s0 proto kernel scope link src
192.168.235.1                                                                                                                                                            

(For testing sat1 link is currently down.)

Have I forgot/misconfigured anything obvious?

-- 
Christopher Howard
Computer Assistant
Alaska Satellite Internet
3239 La Ree Way
Fairbanks, Alaska 99709
1-888-396-5623
https://alaskasatelliteinternet.com
personal web site: https://qlfiles.net

More information about the Firehol-support mailing list