[Firehol-support] Link Balancer - no routing

Tsaousis, Costa costa at tsaousis.gr
Wed Jul 5 20:49:40 BST 2017


Hi,

I think you have forgotten to NAT (snat or masquerade) LAN IPs to the
internet interfaces, so the LAN host are sent to the internet with private
IPs.

Costa


On Wed, Jul 5, 2017 at 9:42 PM, Christopher Howard <christopher at alaskasi.com
> wrote:

> Hi, I am trying to set up a link balancer. I didn't know Firehol /
> link-balancer existed until about two days ago, so be patient with me. I
> have things configured so it seems like default route(s) are showing up.
> When logged into the router, I can ping the Internet fine. However, from
> device connected to the LAN port, I receive IP address, and default
> route (to link balancer) is showing, but the device cannot ping the
> Internet. Presumably it is some problem with the way I have (or haven't)
> configured routing.
>
> On balancer box, I have:
>
> file:/etc/network/interfaces
> --------
> # This file describes the network interfaces available on your system
> # and how to activate them. For more information, see interfaces(5).G!
>
> source /etc/network/interfaces.d/*
>
> # The loopback network interfacen stopped. Policy is ACCEPT EVERYTHING!
> auto lo
> iface lo inet loopback
>
> # WAN1 - Left most port
> allow-hotplug enp1s0
> iface enp1s0 inet dhcp
>
> # WAN2 - 2nd from left
> allow-hotplug enp3s0
> iface enp3s0 inet dhcp
>
> # WAN3 - 3rd from left
> allow-hotplug enp4s0
> iface enp4s0 inet dhcp
>
> # LAN1 - 4th from left
> allow-hotplug enp2s0
> iface enp2s0 inet static
>   address 192.168.235.1
>   netmask 255.255.255.0
>   broadcast 192.168.235.255
>   network 192.168.235.0
> --------
>
> file:/etc/firehol/firehol.conf
> --------
> interface any world
>         client all accept
>         server all accept
>
> connmark 0x1 interface enp1s0
> connmark 0x2 interface enp3s0
>
> router lan12wan1 inface enp2s0 outface enp1s0
>        server all accept
>
> router lan12wan2 inface enp2s0 outface enp3s0
>        server all accept
> --------
>
> file:/etc/firehol/link-balancer.conf
> --------
> LB_DEFAULT_IPV="4"
>
> gateway cable dev enp1s0 gw 192.168.1.1
> gateway sat1 dev ensp3s0 gw 192.168.0.1 check 66.82.4.8
>
> table 1
>       default via cable
>
> table 2
>       default via sat1
>
> table main
>       default via cable weight 150
>       default via sat1 weight 50
>
> policy
>         connmark 0x1 table 1
>         connmark 0x2 table 2
> --------
>
> Also on balancer box I see:
>
> #
> cat /proc/sys/net/ipv4/ip_forward
> 1
>
>  # ip
> route
> default via 192.168.1.1 dev
> enp1s0
> 192.168.0.0/24 dev enp3s0 proto kernel scope link src
> 192.168.0.5
> 192.168.1.0/24 dev enp1s0 proto kernel scope link src
> 192.168.1.12
> 192.168.235.0/24 dev enp2s0 proto kernel scope link src
> 192.168.235.1
>
> (For testing sat1 link is currently down.)
>
> Have I forgot/misconfigured anything obvious?
>
> --
> Christopher Howard
> Computer Assistant
> Alaska Satellite Internet
> 3239 La Ree Way
> Fairbanks, Alaska 99709
> 1-888-396-5623
> https://alaskasatelliteinternet.com
> personal web site: https://qlfiles.net
>
>
>
> _______________________________________________
> Firehol-support mailing list
> Firehol-support at lists.firehol.org
> http://lists.firehol.org/mailman/listinfo/firehol-support



More information about the Firehol-support mailing list