Saturday 6 June 2009

Split local/international network traffic between different adsl accounts on kubuntu.

I was able to setup my internet on my laptop so that my local internet traffic gets charged at local rates (1/4 of the price for me).
This page helped me but it's a bit old and a little different to what I needed, so I thought I'll write down my steps (mostly copied and adjusted from said page).

My setup:
os = kubuntu 9.04 jaunty
isp = webafrica and I'm very happy with them
router = Mega 105 WR

  • Some tutorials say you need to change your router mode to be bridged, but I found out that mine is automatically in semi-bridge mode: I setup my main account on the router which can be used by all the computers in the house, but on my laptop I can setup an additional connection which gets bridged through the router.
  • sudo apt-get install ppp pppoeconf
    (ppp includes rp-pppoe.so, which is installed manually by the original instructions, but I didn't have to since its in ppp)
  • Run pppoeconf
    • Accept the defaults provided by pppoeconf and say yes to the start at boot option.
    • I just answered yes to the "'noauth' and 'defaultroute'" question, since I changed it later in any case.
    • It asks you for a username/password, this is your local adsl account authentication parameters as provided by your ISP.
    • Now test the connection with sudo pon dsl-provider
    • If you list the interfaces with ifconfig you should see ppp0 listed (and it should get an ip address).
    • Disconnect ppp0 before continuing. sudo poff dsl-provider
  • Edit /etc/ppp/peers/dsl-provider by hand.
    Only the parameters that you need to check are listed.
    A hash before the line means the line is commented out.
    sudo kate /etc/ppp/peers/dsl-provider
    noipdefault
    # defaultroute
    # replacedefaultroute
    # usepeerdns
    So be sure that the above 3 parameters are commented out.
    (We only want to use the DNS servers provided from the ISP from the international traffic.)
  • sudo kate /etc/network/interfaces
    At the bottom of it you should have something like this:

    manual ppp0
    iface ppp0 inet ppp
    provider dsl-provider
    pre-up /sbin/ifconfig wlan0 up # line maintained by pppoeconf

    #auto wlan0
    #iface wlan0 inet manual

    • I make ppp0 manual since I need to wait for my wireless lan to connect before I can connect to the local internet. With this I can have full control, which is good since I don't want to leave it on too long because you are directly on the internet now and you're router's firewall isn't protecting you from local traffic.

    • I comment out the wlan0 section so that the network manager won't ignore it. You can remove it completely.

    • Test the connections to make sure there are no problems.
      sudo ifup ppp0
      ifconfig should list ppp0
      sudo ifdown ppp0


  • Static routing
    Now the fun part where we actually get the traffic flowing.
    We need to tell the system to route all the South African traffic through the ppp0 interface instead of the wlan0 or eth0 interface.
    We'll use static routing to do this.

    Download Armin's list of local routes from http://alm.za.net/ip/localroutes4.txt
    The list is updated every 24 hours and we'll use it instead of duplicating his work.
    It contains all the network addresses that are specific to South Africa.
    Save the file in /tmp and then move it to /etc/ppp/ :
    sudo mv /tmp/localroutes4.txt /etc/ppp

    We need to create a small script that tells the system to add the routes to the interface when if comes up.
    Create a file in /etc/ppp/ip-up.d/ called "zanet".
    sudo kate /etc/ppp/ip-up.d/zanet

    Paste the following in the file :

    #!/bin/sh -e
    # Called when a new interface comes up

    # add custom routing for zanet (local South Africa) on ppp0 device
    if [ "$PPP_IFACE" = "ppp0" ]
    then
    cat /etc/ppp/localroutes4.txt | sed s/'\$LOCAL'/$PPP_IFACE/ | while read localroute
    do
    # Change net to host for /32 addresses
    # This is a bug workaround - Armin must fix his list script.
    if [[ $localroute =~ "/32" ]]
    then
    localroute=`echo $localroute | sed s/net/host/`
    $localroute
    else
    $localroute
    fi
    done
    fi

    # We need to route DNS lookups via ppp0 (SAIX) instead of ppp1 (IS)
    # The static routing will cause the DNS lookups to be made through the local IS
    # connection and the SAIX network will block the lookups because they don't originate
    # from their network.

    #uncomment the following if you are using different isps:

    #if [ "$PPP_IFACE" = "wlan0" ]
    #then
    #cat /etc/resolv.conf | sed s/nameserver// | sed s/' '// | while read nameserver
    #do
    #route add -host $nameserver $PPP_IFACE
    #done
    #fi

    Make sure you can execute it:

    sudo chmod a+x /etc/ppp/ip-up.d/zanet


    Static routing should now work unless you made a mistake or I forgot something.
    Test it by starting ppp0. (sudo ifup ppp0)
    If you run route -n you should see huge list of static routes for the ppp0 interface and only a few when it is not started.


  • Automatic localroute updates
    You could get wget to retrieve a new list of local routes every so often manually or with a cronjob. You can stick the following script in a executable file in /etc/cron.monthly/ eg. /etc/cron.monthly/update-local-routes:

    #!/bin/bash

    cd /etc/ppp
    wget http://alm.za.net/ip/localroutes4.txt

    # If there is already a localroutes file replace it with the new one.
    if [ -f /etc/ppp/localroutes4.txt.1 ]
    then
    # Make sure that we didn't get an empty or nearly empty list
    # More than 1000 characters will qualify as a valid amount of local routes
    # Rather keep the old list if the new one is too small
    if [ `cat /etc/ppp/localroutes4.txt | wc -c` -gt 1000 ]
    then
    mv localroutes4.txt.1 localroutes4.txt
    fi
    fi

    Make sure its executable:
    sudo chmod a+x /etc/cron.monthly/update-local-routes


  • Lastly I use iftop -i ppp0 to monitor and make 100% sure where my traffic is being routed.

2 comments:

  1. Nice een Marius! Ek moet net op uitfigure hoekom die huis se PCs kan tracert whatsmyip.com maar nie tracert whatsmyip.co.za nie (dit werk 100% op die Ubuntu-boks wat ook 'n gateway is). Maar glo my, dis _baie_ verder as wat ek al hierdie laaste week gekom het om die @#%!!~@#$~@$ split reg te kry :)

    Blessings!!

    ReplyDelete