load balance with 2 or more red NIC with endian firewall

January 6, 2008 at 3:32 am 4 comments

The objective of this small howto is to make a load balance of the internet traffic between 2 or more red nics with STATIC IP (is a must)
1. Configure 1 red nic using the web interface
2. Open a ssh connexion as root to the firewall and enter to the folder /var/efw/uplinks (“cd /var/efw/uplinks”)
3. run the command “cp -p -r ./main ./link2 (if you have more red nics repeat this step but with ./link3 ./link4 ./link… you get the point)
4. Enter to each one of the copied folders and edit all of the parameter in the file “settings” except DEFAULT_GATEWAY, leave that one blank
5. Do the previous step with the folder main ( /var/efw/uplinks/main)
6. Recheck that all parameter for all of your links are set OK, and that all DEFAULT_GATEWAY fields are blank (is a must or else it wont balance the traffic)
7. Enter the directory /var/efw/inithooks (“/var/efw/inithooks”)
8. add to the files start.local updatered.active.local updatered.inactive.local updatered.local and updatewizard.local

route del default
route del default
route del default
route del default
ip route add default equalize scope global \
nexthop via <gateway link1> dev <iface link1> weight 1 \
nexthop via <gateway link2> dev <iface link2> weight 1 \
nexthop via <gateway link3> dev <iface link3> weight 1 \
.
.
.
NOTE: remove the ” \ ” in the last line
NOTE: i modify ALL those files because i do not know witch one endian use to generate the routing tables.

9. Restart your endian firewall
10. Wait 5 minutes or so an log to the firewall
11. Check your routes with the command “ip route”, it shoud show you all the gateways that are using in a round robin balance for the packets that goes out from your network to the internet.
12. HAVE FUN

Entry filed under: networking. Tags: .

ephemera Letto – Hantui Aku

4 Comments Add your own

  • 1. GreenRover  |  March 20, 2009 at 6:51 pm

    Hello, what type didt have the red interfaces?
    Network Static?

    Why leave EFAULT_GATEWAY blank? How didt the box know the Gateway ip?

    Reply
    • 2. foolbaby  |  July 15, 2009 at 4:44 am

      @GreenRover
      1. red interface is interface that connect to internet , or network card that have ip public.

      2. leave default gateway blank becouse we use the “equalize scope global” route.

      ip route add default equalize scope global \
      nexthop via dev weight 1 \
      nexthop via dev weight 1 \
      nexthop via dev weight 1 \

      actually this is the heart of the load balance. its use the round robin technique.

      Reply
  • 3. mohan  |  April 29, 2009 at 10:29 am

    sir m not understand compltely kindly guide me how to configure with 2 lan cards with 2 DSL connections. and how to access through internet my firewall. (i have static ip address )

    Reply
    • 4. foolbaby  |  July 15, 2009 at 4:55 am

      hi mohan,
      if u use the 2 dsl connection, and not bound it on the router piece. so the load balancing will not run optimum.
      if you want to runing your 2 dsl connection , just put it on the router m and use it on the client,
      so , if u want to use both dsl, just prepare 1 unit of pc, to be your router/gateway.

      Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed



%d bloggers like this: