[clue-tech] choosing a default route based on traffic type?
Jim Ockers
ockers at ockers.net
Tue Apr 13 14:52:42 MDT 2010
Hi CLUEbies,

I have an interesting networking problem. We have very expensive but
super reliable satellite network connections, and a backup terrestrial
cell phone connection that may or may not always work, but if it does
it's a lot cheaper than the satellite.

Both the cell phone "modem" and the satellite modem provide Ethernet
connectivity with IP. We want to route IP packets to one or the other
of these based on some factors OTHER than simply the destination.

Specifically we want all HTTP and HTTPS traffic to be sent over the cell
network (including replies, not just the requests) and other traffic
should stay on the satellite connection. If we can get this to work we
will come up with some other requirements too I'm sure.

We cannot use a proxy server like squid because of limited computing
power and limited disk space.

We tried to use iproute2 with netfilter/iptables mangle and fwmark to
make the routing decision. The Linux kernel in the router was designed
for an embedded system and was compiled without some important netfilter
options (including support for the mangle table). We can recompile the
kernel and deploy a new OS to all of our remote satellite routers but
that is quite a bit of work and is risky.

Can anyone out there think of some other way to route particular (as
determined by layer 4 and above) traffic (bi-directionally) over one
network and through one "default" gateway, and all other traffic through
another "default" gateway? Is the only way to do this via iproute2 and
fwmark? We are open to very clever suggestions...

We can make separate IP address ranges for the cell phone modem and
satellite modem so that the end user system which originates the traffic
will always get its replies from the same place. The only system that
needs to have a complicated routing table and routing rules should be
the router itself, which talks to both the cell phone modem and the
satellite modem.

I think something like this might work and is along the same lines, but
they each use the mangle table too:

http://lists.netfilter.org/pipermail/netfilter/2001-June/012602.html
http://mailman.ds9a.nl/pipermail/lartc/2004q1/012247.html

Thanks,
Jim
--
Jim Ockers, P.Eng. (ockers at ockers.net)
Contact info: http://www.ockers.ca/pason.html
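
The iproute2 plus mangle/fwmark arrangement the message says was tried, written out as an added example that is not part of the original post. The interface names, gateway address, mark value and table number are assumptions, and the script only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example: fwmark policy routing for web traffic. Dry run unless APPLY=1.
# Assumed values (none come from the post): interface names, gateway, mark, table.
CELL_IF=${CELL_IF:-eth1}          # router interface facing the cell modem
CELL_GW=${CELL_GW:-192.0.2.1}     # cell modem address (documentation range)
LAN_IF=${LAN_IF:-eth2}            # router interface facing the end-user systems
MARK=${MARK:-1}                   # firewall mark that selects the cell path
TABLE=${TABLE:-100}               # extra routing table holding the cell default
WEB_PORTS=${WEB_PORTS:-80,443}    # HTTP and HTTPS

# Print the command in dry-run mode, execute it when APPLY=1.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# The mangle table must exist in the running kernel for MARK to work.
have_mangle() {
    iptables -t mangle -L -n >/dev/null 2>&1
}

setup_web_policy_route() {
    if [ "${APPLY:-0}" = 1 ] && ! have_mangle; then
        echo "mangle table unavailable: packets cannot be marked" >&2
        return 1
    fi
    # 1. A second routing table whose only route is the cell gateway.
    run ip route add default via "$CELL_GW" dev "$CELL_IF" table "$TABLE"
    # 2. Marked packets consult that table before the main (satellite) one.
    run ip rule add fwmark "$MARK" lookup "$TABLE" priority 1000
    # 3. Mark forwarded HTTP/HTTPS from the LAN before the routing decision.
    run iptables -t mangle -A PREROUTING -i "$LAN_IF" -p tcp \
        -m multiport --dports "$WEB_PORTS" -j MARK --set-mark "$MARK"
    # 4. Source-NAT on the cell link so replies return through the cell modem.
    run iptables -t nat -A POSTROUTING -o "$CELL_IF" -j MASQUERADE
    # 5. Loose reverse-path check: replies arrive on an interface that the
    #    main table would not choose for their source address.
    run sysctl -w "net.ipv4.conf.$CELL_IF.rp_filter=2"
}

setup_web_policy_route
```

Steps 3 and 4 depend on the mangle and nat tables being compiled into the kernel, which is the constraint the message describes.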