Routing

Zentyal uses the Linux kernel subsystem for routing, configured using the iproute2 [1] tool.

[1] iproute2: http://www.policyrouting.org/iproute2.doc.html

Configuring routing with Zentyal

Gateway

The gateway is the default route for connections whose destination is not on the local network. This means that if the system has no static routes defined, or if none of them matches the destination, the default gateway will receive the traffic.

To configure a gateway in Zentyal, go to Network ‣ Gateways, which offers the following configuration parameters.

Adding a Gateway

Enabled:
Indicates whether this gateway is effectively working or if it is disabled.
Name:
Name used to identify the gateway.
IP Address:
IP Address of the gateway. This address has to be directly reachable from the host Zentyal is installed on, that is, without other routers in the middle.
Weight:
The greater the weight, the more traffic will be sent through this gateway if you have traffic balancing enabled. For example, if the first gateway has a weight of ‘7’ and the second gateway has a weight of ‘3’, 7 bandwidth units will go through the first one for every 3 bandwidth units that go through the second one. In other words, 70% of the traffic will use the first gateway and the remaining 30% will use the second one.
Default:
If this option is enabled, this will be the default gateway.

If you have interfaces configured as DHCP or PPPoE [2], you cannot explicitly add gateways for them because they are already automatically managed. Nevertheless, you can still enable or disable them by editing their Weight or choosing whether one of them is to be the Default gateway, but it is not possible to edit the rest of the attributes.

List of gateways with DHCP

Zentyal may need a proxy in order to access the Internet, for example, for software and antivirus updates or for HTTP proxy re-direction.

To configure this external proxy, go to Network ‣ Gateways. Here you can specify the address for the Proxy server and also the Proxy port. A User and Password can also be specified if the proxy requires authentication.

External proxy configuration

[2] PPPoE: http://en.wikipedia.org/wiki/PPPoE

Static route table

If all the traffic directed to a network must go through a specific gateway, you must add a static route.

To manually configure a static route, you have to use Network ‣ Static Routes.

Configuration of a static route

These routes can be overwritten if the DHCP protocol is in use.

Configuring traffic balancing with Zentyal

As mentioned previously, a single host can have multiple gateways. This leads to a special situation in which new parameters must be taken into account when configuring a Zentyal server.

The routing rules for several gateways, also known as multigateway rules, allow the network to use multiple Internet connections in a transparent way. This can be very useful for organisations that require more bandwidth than can be offered by a single connection or that cannot afford interruptions in their Internet access, an increasingly common situation nowadays.

Traffic balancing shares the outgoing connections to the Internet in a distributed way, allowing complete use of the available bandwidth. The simplest configuration is to establish different weights for each gateway so that, if the connections have different capacities, you can guarantee optimal use. Bear in mind that the minimum balancing unit is the connection. Packets belonging to the same connection will not be balanced between different gateways.
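An added example, not part of the Zentyal documentation or its code: the 7/3 weighting described earlier, written as an iproute2 multipath default route, and what happens to it when a gateway is disabled. The gateway names, devices and addresses are constructed, and the printed command only illustrates the iproute2 syntax; it is not the configuration Zentyal itself installs.

```shell
#!/bin/sh
# Constructed gateway table, one per line: name ip device weight enabled(1|0).
# Names, devices and addresses (documentation ranges) are made up.
GATEWAYS='isp-a 192.0.2.1 eth0 7 1
isp-b 198.51.100.1 eth1 3 1'

# Print (never execute) the iproute2 default route for the enabled gateways.
build_default_route() {
    hops="" count=0 single=""
    while read -r name ip dev weight enabled; do
        [ "$enabled" = 1 ] || continue
        case "$weight" in
            ''|0*|*[!0-9]*) echo "bad weight for $name: $weight" >&2; return 1 ;;
        esac
        hops="$hops nexthop via $ip dev $dev weight $weight"
        single="via $ip dev $dev"
        count=$((count + 1))
    done <<EOF
$1
EOF
    case "$count" in
        0) echo "no enabled gateway" >&2; return 1 ;;
        1) echo "ip route replace default $single" ;;   # no balancing needed
        *) echo "ip route replace default scope global$hops" ;;
    esac
}

# Percentage of new connections expected on gateway $2 for table $1.
gateway_share() {
    total=0 mine=0
    while read -r name ip dev weight enabled; do
        [ "$enabled" = 1 ] || continue
        total=$((total + weight))
        if [ "$name" = "$2" ]; then mine=$weight; fi
    done <<EOF
$1
EOF
    if [ "$total" -gt 0 ]; then echo $((mine * 100 / total)); else echo 0; fi
}

build_default_route "$GATEWAYS"
echo "isp-a: $(gateway_share "$GATEWAYS" isp-a)%  isp-b: $(gateway_share "$GATEWAYS" isp-b)%"
```

Setting the last field of a line to 0 models a disabled gateway: the route collapses to a single next hop and the remaining gateway takes the whole share.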

Traffic balancing and multigateway rules

Zentyal can also be configured to always send given types of traffic through a specific interface, if necessary. Common examples are the e-mail traffic, or all the traffic of a specific subnet.

Multigateway rules and traffic balancing can be established in the Network ‣ Gateways section, in the Traffic balancing tab. Here you can add rules to ensure that certain connections are routed through a specific gateway, depending on the incoming Interface, the Source (it can be an IP address, an Object, the Zentyal server itself or Any), the Destination (an IP address or an Object), the Service to which you want to associate this rule and the Gateway to which the specified traffic should be routed.

Gateway selection rule

Configuring WAN failover in Zentyal

When performing traffic balancing between two or more gateways, it is recommended to enable the WAN failover feature. Imagine that you are balancing traffic between two routers and one of them fails. If this feature is not enabled, part of the traffic will continue trying to use the non-functioning router causing connectivity problems for the network users.

In the failover configuration, you can define a set of tests for each gateway to check if it is operational or if, on the contrary, it is experiencing a problem and should no longer be used as an outgoing route to the Internet. These tests can consist of a ping to the gateway, a ping to an external host, or an HTTP request. It is also possible to define how many tests are to be executed and the required success ratio. If any of the tests fails, the associated gateway will be disabled. These tests will continue running even on a gateway that is down, so when the tests reach the required success ratios again, the gateway will be enabled again.

Disabling a disconnected gateway ensures that all the traffic will use the other enabled gateways. Also, the multigateway rules associated with this gateway will be deactivated and the quality of service rules will be consolidated. This way, the network users will not suffer any problems with their Internet connection. Once Zentyal detects that the disabled gateway is fully operative again, it will restore normal behaviour of the traffic balancing, multigateway rules and quality of service.

WAN failover configuration

To configure the failover options and tests, go to the Network ‣ Gateways menu, WAN failover tab. You can specify the event frequency by editing the value of the option Time between tests. To add a rule, click on the Add new option and a form with the following fields will be displayed:

Enabled:
Indicates if the rule is to be applied during the connectivity checks of the routers. It is possible to add different rules and enable or disable them depending on your needs, without having to delete and add them.
Gateway:
Select the gateway from the list of previously configured gateways.

In the Type of test, you can choose one of the following values:

Ping to gateway:
A control packet is sent from the Zentyal server to the gateway, and the server waits for a response. This checks that there is connectivity between both hosts and that the gateway is active. This doesn’t check whether the gateway has an Internet connection or not.
Ping to host:
As above, this test sends a control packet and waits for a response. This time it is sent to an external host, so not only is the gateway connection tested, but the Internet connection is tested too.
HTTP Request:
This is the most complete test because it tries to download content from the specified website, which requires that all the previous tests are completed satisfactorily.
Host IP address:
The server that is going to be used for the destination in tests. Not applicable to Ping to gateway.
Number of probes:
Number of times the test is repeated.
Required success ratio:
Indicates the rate of successful attempts needed to evaluate a test as ‘passed’.
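An added example, not part of the Zentyal documentation or its code: how the Number of probes and Required success ratio fields combine into a pass or fail per test, and how any failed test on an enabled rule takes its gateway out of service. The probe logs, gateway names and field layout are constructed; real probes (ping, HTTP request) are replaced by recorded outcomes so the logic can be followed offline.

```shell
#!/bin/sh
# Constructed probe log for one test round, one rule per line:
# gateway rule_enabled test_type required_ratio_percent outcomes...
# (outcome 1 = probe answered, 0 = no answer)
ROUND1='isp-a 1 ping_gateway 60 1 1 1 1 1
isp-a 1 http_request 50 1 0 1 1
isp-b 1 ping_gateway 60 1 1 1 1 1
isp-b 1 ping_host 60 0 0 1 0 0
isp-b 0 http_request 100 0 0 0 0'

# Same rules one round later: the external host behind isp-b answers again.
ROUND2='isp-a 1 ping_gateway 60 1 1 1 1 1
isp-a 1 http_request 50 1 1 1 1
isp-b 1 ping_gateway 60 1 1 1 1 1
isp-b 1 ping_host 60 1 1 1 0 1
isp-b 0 http_request 100 0 0 0 0'

# test_passed RATIO OUTCOME...: succeed when successes/probes >= RATIO percent.
test_passed() {
    ratio=$1; shift
    ok=0 total=0
    for o in "$@"; do
        total=$((total + 1))
        if [ "$o" = 1 ]; then ok=$((ok + 1)); fi
    done
    [ "$total" -gt 0 ] && [ $((ok * 100)) -ge $((ratio * total)) ]
}

# Print the gateways whose enabled rules all passed in round $1.
# Disabled rules are skipped; gateways with no enabled rule are not listed.
gateways_passing() {
    seen="" down=""
    while read -r gw rule_on kind ratio outcomes; do
        [ "$rule_on" = 1 ] || continue
        case " $seen " in *" $gw "*) ;; *) seen="$seen $gw" ;; esac
        test_passed "$ratio" $outcomes || down="$down $gw"
    done <<EOF
$1
EOF
    for gw in $seen; do
        case " $down " in *" $gw "*) ;; *) printf '%s\n' "$gw" ;; esac
    done
}

echo "round 1 in service: $(gateways_passing "$ROUND1" | tr '\n' ' ')"
echo "round 2 in service: $(gateways_passing "$ROUND2" | tr '\n' ' ')"
```

In round 1 the Ping to gateway test for isp-b passes on every probe while Ping to host fails, which is the case the description of Ping to gateway points out: the router answers but has no working uplink.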