Default route not on LAN
I have a network that in principle looks like this:
H1---\           /----Inet1
H2---->---GW1---<
H3---/           \----GW2-----Inet2
- H1 and H2 = Hosts that need access to internet with GW1
- Inet1 = Internet link over 3G connection
- Inet2 = 5GHz link to Internet (not always up)
- GW1 = Works as a router, automatically picking the "best" connection between Inet1 and Inet2 (the latter via GW2).
- GW2 = 5GHz wifi router
And here's the problem: H3 only needs internet access when Inet2 is up. What I was thinking of doing was a routing table that looks like this:
- route to GW2 via GW1
- default route is via GW2
I first set the route to GW2 via GW1 without a problem. But when I try
route add default gw 1.2.3.4
(1.2.3.4 being the IP of GW2), it complains "SIOCADDRT: No such device". Is the problem that the default gw I'm trying to set is not reachable directly? Is there a different approach that would allow me to achieve this?
An alternative (and hypothetical) approach: Since H3 will be using a static IP, is it possible to do some magic with iptables on GW1 to forward any packets from H3 to GW3, thereby "tricking" H3 into using GW2 as its default router?
PS: This question is a followup question to this one.
Your alternative approach could be achieved by using policy based routing. Something along the lines of (commands should be executed on GW1):
# Send traffic whose source address is H3's to routing table 999
ip rule add from <H3>/32 table 999
# Add the default route via GW2 to that table
ip route add default via <GW2> table 999
I don't have the possibility to test the commands, but they should be correct. Routing rules in table 999 are not visible in normal $ ip route show - you need to append the table id: $ ip route show table 999
Since your question is light on specifics, the answer will also be light on specifics:
- Set H3's default gateway to GW1.
- Have GW1 always route traffic from H3 to GW2.
The "intelligence" of how to route packets must reside in the routers, not the end boxes. So your default gateway must be one directly accessible on the same subnet; that gateway must then figure out what to do with the packets to get them wherever they should go.
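The policy routing both answers describe, written out as an added example (not code from either answer) that only prints the commands for GW1 after validating its inputs. It goes one step beyond the answers by adding an `unreachable` fallback so H3 cannot fall through to the main table and leave via Inet1; the 192.0.2.x addresses, rule priority 100 and metric 1000 are assumptions.

```shell
#!/bin/sh
# Dry-run generator: prints the GW1 commands for review, changes nothing.
# Usage (constructed addresses): sh h3-policy.sh 192.0.2.13 192.0.2.254 999

# Strict dotted-quad check, so nothing but an address reaches a root shell.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; safe, only digits and dots remain
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# h3_policy_cmds <H3 address> <GW2 address> <table id>
h3_policy_cmds() {
    h3=$1 gw2=$2 table=$3
    is_ipv4 "$h3" && is_ipv4 "$gw2" || { echo "bad address" >&2; return 1; }
    case "$table" in
        ''|*[!0-9]*) echo "bad table id" >&2; return 1 ;;
    esac
    # 1. Traffic sourced from H3 consults the dedicated table first.
    # 2. That table's default route points at GW2.
    # 3. Fallback with a worse metric: if the GW2 route is absent, the
    #    lookup would otherwise continue to the main table and H3 would
    #    go out via Inet1. "unreachable" rejects the traffic instead.
    cat <<EOF
ip rule add from $h3/32 lookup $table priority 100
ip route add default via $gw2 table $table
ip route add unreachable default metric 1000 table $table
EOF
}

if [ "$#" -eq 3 ]; then
    h3_policy_cmds "$@"
fi
```

After applying the printed commands as root on GW1, `ip rule show` and `ip route show table 999` should list the rule and both routes.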