my networking script doesn't allow local machines to connect to each other

thasp · 01-21-2009, 07:42 PM

Hi,

I wanted to be able to have separate NICs with separate IPs connecting to separate gateways on a machine so I could put an ftpd on each one. I tried binding an ftpd to each, and running separate instances of the ftpd. I tried virtual hosts.

NOTHING worked. I could either use one ftpd or the other. I could either connect via ssh on one IP or the other. the second I turned one NIC off stuff would work again. I messed with basic iproute commands, andnothng worked until I got this script to run, which allowed me to use each NIC independant of the other.

Code:

#!/bin/sh
#ip route flush all

ip route del default dev eth1
ip route del default dev eth0

ip route del table 1
ip route add table 1 to default via 10.10.10.1 dev eth1

ip route del table 2
ip route add table 2 to default via 192.168.1.1 dev eth0

ip rule add from 10.10.10.2 table 1
ip rule add from 192.168.1.248 table 2

ip route add default via 10.10.10.1 dev eth1

But now, samba client doesn't work. cifs mounting doesn't work either. It can't connect.

BEFORE I ran that script, I could connect via ssh, or to the ftpd running on the machine using a LOCAL IP - 10.10.10.2. AFTER, I have to use the external IP, or I cannot connect. I know that has something to do with it, but I do not have the advanced linux routing knowledge to redo the script or come up with a solution.

Thanks.

acid_kewpie · 01-23-2009, 03:56 AM

can you show us the state of the routing tables now? if you've completely deleted those routing tables then I'd wonder if they had entries for the locally connected subnets. You may be trying to push all traffic for local machines out via a gateway by mistake.

thasp · 01-23-2009, 04:01 PM

Quote:

Originally Posted by acid_kewpie

can you show us the state of the routing tables now? if you've completely deleted those routing tables then I'd wonder if they had entries for the locally connected subnets. You may be trying to push all traffic for local machines out via a gateway by mistake.

Code:

# ip r s
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.248
10.10.10.0/24 dev eth1  proto kernel  scope link  src 10.10.10.2
default via 10.10.10.1 dev eth1

Code:

# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
10.10.10.0      0.0.0.0         255.255.255.0   U         0 0          0 eth1
0.0.0.0         10.10.10.1      0.0.0.0         UG        0 0          0 eth1

Code:

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         10.10.10.1      0.0.0.0         UG    0      0        0 eth1

Thank you!

thasp · 01-23-2009, 11:01 PM

Hre's what that all looks like before I run the script, fresh in a reboot.

Code:

# ip r s
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.248
10.10.10.0/24 dev eth1  proto kernel  scope link  src 10.10.10.2
default via 10.10.10.1 dev eth1

Code:

# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
10.10.10.0      0.0.0.0         255.255.255.0   U         0 0          0 eth1
0.0.0.0         10.10.10.1      0.0.0.0         UG        0 0          0 eth1

thasp · 01-24-2009, 05:58 AM

I fixed my problem by running the script without the table 1 lines. Now it works.

If I had to guess, I'd say I couldn't contact it locally from the 192.168.1.0 network now. But I don't care!

thasp · 02-15-2009, 02:00 PM

It is as follows.

Code:

ip route del default dev eth0
ip route del default dev eth1
ip route del default dev eth2
ip route del table 2
ip route del table 3
ip route add table 2 to default via 10.10.13.1 dev eth2
ip rule add from 10.10.13.25 table 2
ip route add table 3 to default via 192.168.1.1 dev eth1
ip rule add from 192.168.1.5 table 3

ip route add default via 10.10.10.1 dev eth0

eth0 is an NIC with an IP of 10.10.10.2 going through 10.10.10.1.

eth1 is an NIC with an IP of 192.168.1.5 going through 192.168.1.1.

eth2 is an NIC with an IP of 10.10.13.25 going through 10.10.13.1

If I use all three connections to send files to site A, they will all work perfectly.

However, if I try to download files from site a to eth0, site b to eth1, and site c to eth2, they'll bounce like a see-saw. As eth2 goes up, eth1 will go down, and vice versa. Eventually one will hit its top speed and the other will time out whoever is connected to it.

I would like to be able to have files from site A go to eth0, site B go to eth1, and site C go to eth2, all at the same time, with each one using the full bandwidth. I don't want the one in table 2 to work and in table 3 to not work. This script worked when there were only 2 NICs in the machine, however, now with an added T1, I need it to be scalable over 3 connections.

Here is my current routing table.

Quote:

~# ip r s
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.5
10.10.13.0/24 dev eth2 proto kernel scope link src 10.10.13.25
10.10.10.0/24 dev eth0 proto kernel scope link src 10.10.10.2
default via 10.10.10.1 dev eth0

Thank you in advance for any help you can provide.