Splitting International and Local Bandwidth with IPcop

Bernie

Expert Member
Joined
May 2, 2006
Messages
1,947
#21
Yup, hostname is a SAIX address. It looks like this:

IPCop's Hostname: dsl-146-xxx-xxx.telkomadsl.co.za

Where does the "isadsl" come from then in your setup. Are you using WA IS accounts or SAIX accounts. Do you perhaps have any IS profiles setup in IPcop, maybe old ones that are set to dial up in case your primary profile fails to connect. I have disabled the fail over option in all my profiles, thats just a personal choice not for any technical reason.
 

sleeper

Well-Known Member
Joined
Sep 30, 2005
Messages
273
#22
No, I have a SAIX WA Account, and a IS WA Account - not sure why it is using the isdsl one - and the IPCop box is a brand new install, and none of the fail over things are enabled.
I think the isdsl thing came in when I disconnected ppp0 via the webinterface and reconnected. For a brief momeny only ppp1 (IS) was up, and maybe it then decided to use isdsl iso telkomadsl as the hostname.

Hehhehhe, most of this stuff is anyways greek to me :)

Going out now, but when I get back I'll investigate a bit more.

Cheers
 

ASS_SAZiN`

Senior Member
Joined
Jul 14, 2005
Messages
518
#25
Hi,

Some thing just went wrong the script, think it's the same issue as sleeper?

My Ipcop hostname is blank, and no pages want to load and upon doing a trace route i discovered that no addresses are getting resolved and that all traffic is routing via my saix account(international). Have no clue what may have caused this! It just happened, out of the blue one day, well the only change was that I changed my local account's, account settings (username passs).
 
Last edited:

Bernie

Expert Member
Joined
May 2, 2006
Messages
1,947
#26
What did you do to resolve the issue. Sounds like DNS is getting corrupted somehow. I havent yet experienced this problem, but might be worthwhile manually putting in the DNS servers in the Dialup profile screen of the primary profile, instead of it being automatic.

Another possible problem is that the static routes are being added before the PPPoE session is actually created, so that once the session is created there are actually no routes for the interface. It also might be worth changing the sleep time to a higher number right after the connection request (just before the route commands) to make sure the connection is actually live before the routes are added. Maybe to 10secs, will have to play with that. But sofar for me the 5secs seems to be ok.

-----------------------
<snip>
/usr/sbin/pppd plugin rp-pppoe.so eth1 usepeerdns noipdefault nodefaultroute ipcp-accept-local ipcp-accept-remote passive noccp nopcomp novjccomp user $PPUSER password $PPASS lcp-echo-interval 20 lcp-echo-failure 3 lcp-max-configure 50 maxfail 5
sleep 5
echo "Setting up routes..."
route add -net 129.227.206.0 netmask 255.255.255.0 $LOCAL
route add -net 129.227.207.0 netmask 255.255.255.0 $LOCAL
route add -net 129.227.208.0 netmask 255.255.255.0 $LOCAL
<snip>
-----------------------
Let me know if these changes made any difference if implemented.

Cheers.
 

Paul_S

Expert Member
Joined
Jun 4, 2006
Messages
4,456
#27
Using sleep for this task is evil! :D

I set up dual PPPoE connections on my Kubuntu.
What you want to do is define the interfaces as ppp0, ppp1, pppX in /etc/network/interfaces.

Then in /etc/ppp/ip-up.d/ create a new file (name is not important but I called mine zanet) and add your routes there. The files in /etc/ppp/ip-up.d/ are executed as soon as new IP link is established.


#!/bin/sh -e
# Called when a new interface comes up

# add custom routing for zanet (local South Africa) on ppp1 device
if [ "$PPP_IFACE" = "ppp1" ]
then

# Add routes here ...

fi
 

Bernie

Expert Member
Joined
May 2, 2006
Messages
1,947
#28
Using sleep for this task is evil! :D
100% :D

and what you specify is definately a more correct way to do it.

But this was quick and easy to setup. :cool:

Also IPcop doesnt have the directories you specified (not that I could find), which I guess are generally standard on kubuntu, suse, debian, gentoo etc. etc.

I will have to go back to digging around in the rc.d scripts to get this 100% right.

Thanks.
 

MobileAllOver

Well-Known Member
Joined
Jan 11, 2006
Messages
401
#29
With regards to the SMTP server, just use smtp.isdsl.net... Better to use local bandwidth. And add static DNS entry for smtp.saix.net that points to your IS server
 
Joined
Feb 6, 2007
Messages
15
#30
For some stupid reason my ipcop machine keeps dropping ppp0 although the connection is persistent and idle timeout is set to 0 but that is an issue for later.

However when ppp0 is connected with ppp1 I can traceroute/ping local traffic but not international traffic. Any ideas on this or am I being dumb.

With ppp0 down I obviously get an error from traceroute that says "Cant find interface" when checking international hosts but local hosts work fine this tells me that the routing tables are set up properly.

When ppp1 is down I can traceroute local and international traffic no problem but I think this is because default routing rules are being used (i.e all traffic is told to route through ppp0)

The only mods I did to rt.set were adding my username and password for the second ppp connection so I can't see it being that.

I don't know if it matters but both accounts are IS 3/27Gb accounts but I cannot see that this would make a difference.


Any help will be appreciated. :(
 
Joined
Feb 6, 2007
Messages
15
#31
I just thought maybe I messed up and switch the two accounts around, but I changed the details of ppp0 and ppp1 around but still no luck.

I also tried 2 uncapped accounts this also did not work, I'm trying to get hold of a SAIX account to see if the problem is because of the fact that I get the same GW address on ppp0 and ppp1 when connected with 2 IS accounts.
 

Bernie

Expert Member
Joined
May 2, 2006
Messages
1,947
#32
For some stupid reason my ipcop machine keeps dropping ppp0 although the connection is persistent and idle timeout is set to 0 but that is an issue for later.
Just to be sure, are you saying ppp0 drops even without the second pppd connection.

However when ppp0 is connected with ppp1 I can traceroute/ping local traffic but not international traffic. Any ideas on this or am I being dumb.
The only thing I think of is to make sure that the default route gets setup for ppp0 and that the NAT/ MASQUERADING is setup.

Maybe type in this in at the command prompt when you cant route international, see if it makes a difference:

iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE

What do you get when you enter this: (when your ppp0 seems to not work):

route|grep ppp0

Maybe also manually enter the default route:

route add default dev ppp0 metric 0

If you dropping ppp0 anyway, there may be a problem with the connection its self.

I have used SAIX int and SAIX local no prob. SAIX int and IS local, no prob, so I cant see that using IS for both would be a problem either.
 

hj2k_x

Honorary Master
Joined
Jan 22, 2006
Messages
30,751
#33
How many of you guys have tried this successfully? Could be something really really great for a South African context, despite the somewhat complicated setup...
 

sleeper

Well-Known Member
Joined
Sep 30, 2005
Messages
273
#34
My setup seems to be working fine now. My IPCop machine's HDD crashed, so I had to re-install, and now everything seems to be working 100% now, except for the occasional problem with the ISP resets.
Seems that when ppp0 goes down, and then the routes disappear somehow, and ppp0 comes back up before cron job ran. Then ppp0 and ppp1 is there, but the routes are missing (I think this is what is happening – cause the routes somehow disappear). I am thinking of perhaps changing the script to check the route table for a specific IP address, and if it doesn’t exist and ppp1 is up, kill ppp1 and wait for the script to recreate it when it runs again.

But, like I said, this happens very rarely. Most of the times this setup works excellent.
 
Joined
Feb 6, 2007
Messages
15
#35
Just to be sure, are you saying ppp0 drops even without the second pppd connection.


The only thing I think of is to make sure that the default route gets setup for ppp0 and that the NAT/ MASQUERADING is setup.

Maybe type in this in at the command prompt when you cant route international, see if it makes a difference:

iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE

What do you get when you enter this: (when your ppp0 seems to not work):

route|grep ppp0

Maybe also manually enter the default route:

route add default dev ppp0 metric 0

If you dropping ppp0 anyway, there may be a problem with the connection its self.

I have used SAIX int and SAIX local no prob. SAIX int and IS local, no prob, so I cant see that using IS for both would be a problem either.
Yes the connection drops with and without ppp1

tried setting up NAT/MASQ with above command still no luck as well as adding the route manually.

I have piped the routing table to a file if you are interested just let me know how to get it to you

this is the output of route|grep ppp0

c1-1-1.tpr.isad * 255.255.255.255 UH 0 0 0 ppp0
default * 0.0.0.0 U 0 0 0 ppp0
default c1-1-1.tpr.isad 0.0.0.0 UG 0 0 0 ppp0
 

ColinR

Expert Member
Joined
Aug 24, 2006
Messages
3,752
#37
My IPCop machine is too slow to do the job, so I want to use another machine, but then I need a File/Print & email server thrown in - after some looking around, I found Clark Connect, which I have downloaded and am going to install on monday.

Features:
* Internet Gateway
* Firewall
* VPN
* E-mail
* Bandwidth and P2P Manager
* Multiwan
* Intrusion Prevention
* Web and FTP Servers
* Antispam/Antivirus
* Content Filtering
* File and Print Services
* Data backup
* Groupware


I presume I'd be able to run the same script and crontab entry. So I may just have the solution I'm looking for.

Any elaboration on your post Paul_S, I'm clueless on linux :eek:. The more automatic this is the better - I suppose. (Not that Bernie's way doesn't work)
 
Joined
Feb 6, 2007
Messages
15
#38
My IPCop machine is too slow to do the job, so I want to use another machine, but then I need a File/Print & email server thrown in - after some looking around, I found Clark Connect, which I have downloaded and am going to install on monday.
another nice all-in-one solution is SME Server (currently ver 7.1) it is debian based and has VPN, Firewall, Mail, Webmail, File and Print sharing etc

see SME Server I have used this distro at a few of my smaller clients and the web IF makes it easy to configure for the most common tasks.
 

Bernie

Expert Member
Joined
May 2, 2006
Messages
1,947
#39
Yes the connection drops with and without ppp1

tried setting up NAT/MASQ with above command still no luck as well as adding the route manually.

I have piped the routing table to a file if you are interested just let me know how to get it to you

this is the output of route|grep ppp0

c1-1-1.tpr.isad * 255.255.255.255 UH 0 0 0 ppp0
default * 0.0.0.0 U 0 0 0 ppp0
default c1-1-1.tpr.isad 0.0.0.0 UG 0 0 0 ppp0
It looks ok. Maybe one of the networking guru's can confirm this. My routing table table for ppp0 basically looks the same:

HTML:
smtp.saix.net   *               255.255.255.255 UH    0      0        0 ppp0
dsl-242-64-01.t *               255.255.255.255 UH    0      0        0 ppp0
default         *               0.0.0.0         U     0      0        0 ppp0
default         dsl-242-64-01.t 0.0.0.0         UG    0      0        0 ppp0
The last thing I can think of (and I may be way off here) is that there is a DNS issue thats not letting you connect.

From one of your client PC's that connect through IPcop, what do you get when you do this:

nslookup www.google.com

I get the following:

C:\Documents and Settings\enduser>nslookup www.google.com
Server: ipcop.localdomain
Address: 192.168.1.1

Non-authoritative answer:
Name: www.l.google.com
Addresses: 66.102.7.147, 66.102.7.104, 66.102.7.99
Aliases: www.google.com


If this is not the issue, then I am all exhausted out for ideas.

Anyone else have any ideas what could be happening or what to check.
 
Joined
Feb 6, 2007
Messages
15
#40
Did not have time to look into the matter further over the weekend, however I just took another PC I had lying around with 2 other NICs and got IPCop 1.4.11 running it and I still get no ruote to international sites.

If 1 connection disconnects I get ping reply from int source (ie only ppp0 or ppp1 is active) as soon as both connections are made nothing.

Strange thing if I go (remember ppp0 is INT and ppp1 is LOCAL)

route add -net {SOME INTERNATIONAL IP} netmask 255.255.255.0 ppp1


I get a reply from the international address (Only damn slowly though)

If I take a working local route and go

route add -net {SOME LOCAL IP} netmask 255.255.255.0 ppp0

it stops working until I route it back to ppp1.

I need to know
1)What version of IPCop are you running on your working box
2)Any Idea why when ppp1 would connect it breaks ppp0 completely
 
Top