LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-21-2013, 08:06 AM   #1
linuxr00lz2013
LQ Newbie
 
Registered: Sep 2013
Posts: 20

Rep: Reputation: Disabled
ugh... Cant get both NICs to route through their assigned gateways! HELP plz


Hello all
I am new to the forums.

Here is my problem. Ive been assigned a task to configure the NIC cards (eth0 and eth1) on an Ubuntu Linux 10.04 box. One NIC will be used for internet traffic ,and the second NIC will be used for VLAN backup traffic. The first NIC, eth0 , has DNS entries in /etc/resolv.conf, but the second NIC will not be assigned any DNS. These are static IPs of course.

for eth0:

IP: 10.146.112.34
Gateway: 10.146.112.1
Netmask: 255.255.255.0

for eth1:

IP: 10.146.123.8
Gateway: 10.146.123.1
Netmask: 255.255.255.0

I need the traffic following to/from eth0 to be routed through 10.146.112.1, and the traffic flowing to/from eth1 to be routed through 10.146.123.1. I attempted to use policy routing to make this work, but for some strange reason, I am able to ping to the box to and from the internet through eth0 but when I try to ping from the LAN or from the internet to eth1, it does not ping at all. Also if i ping from the box to the gateway address for eth1, it gives me a destination host unreachable error.

Here is my output for ifconfig -a:

Code:
eth0      Link encap:Ethernet  HWaddr 5c:f3:fc:b5:33:90          inet addr:10.146.112.34  Bcast:10.146.112.255  Mask:255.255.255.0
          inet6 addr: fe80::5ef3:fcff:feb5:3390/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2951 errors:0 dropped:0 overruns:0 frame:0
          TX packets:883 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:322770 (322.7 KB)  TX bytes:201609 (201.6 KB)
          Interrupt:28 Memory:92000000-92012800


eth1      Link encap:Ethernet  HWaddr 5c:f3:fc:b5:33:92
          inet addr:10.146.123.8  Bcast:10.146.123.255  Mask:255.255.255.0
          inet6 addr: fe80::5ef3:fcff:feb5:3392/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:2996 (2.9 KB)
          Interrupt:40 Memory:94000000-94012800


lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:7077 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7077 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:530720 (530.7 KB)  TX bytes:530720 (530.7 KB)


usb0      Link encap:Ethernet  HWaddr 5e:f3:fc:bb:33:93
          inet addr:169.254.95.120  Bcast:169.254.95.255  Mask:255.255.255.0
          inet6 addr: fe80::5cf3:fcff:febb:3393/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:39570 errors:0 dropped:0 overruns:0 frame:0
          TX packets:19864 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2673351 (2.6 MB)  TX bytes:953496 (953.4 KB)

Please ignore the usb0 interface. My team and I have no idea what that is, and we have no way of getting rid of it!

I set up the /etc/iproute2/rt_tables file as such:

Code:
## reserved values
#
255     local
254     main
253     default
0       unspec
#
# local
#
#1      inr.ruhep
200     firstnet
300     secondnet
firstnet = routing table for eth0
secondnet = routing table for eth1

my /etc/network/interfaces file is as such:

Code:
$ cat /etc/network/interfaces# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).


# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
        address 10.146.112.34
        netmask 255.255.255.0
        network 10.146.112.0
        broadcast 10.146.112.255
        gateway 10.146.112.1


#Added to test policy routing


        post-up ip route add 10.146.112.0/24 dev eth0 src 10.146.112.34 table firstnet
        post-up ip route add default via 10.146.112.1 dev eth0 table firstnet
        post-up ip rule add from 10.146.112.34/24 table firstnet
        post-up ip rule add to 10.146.112.34/24 table firstnet
        post-down ip rule del from 10.146.112.34/24 table firstnet
        post-down ip rule del to 10.146.112.34/24 table firstnet








# configuration for second interface eth1
auto eth1
allow-hotplug eth1
iface eth1 inet static
        address 10.146.123.8
        netmask 255.255.255.0
        gateway 10.146.123.1
        post-up ip route add 10.146.123.0/24 dev eth1 src 10.146.123.8 table secondnet
        post-up ip route add default via 10.146.123.1 dev eth1 table secondnet
        post-up ip rule add from 10.146.123.8/24 table secondnet
        post-up ip rule add to 10.146.123.8/24 table secondnet
        post-down ip rule del from 10.146.123.8/24 table secondnet
        post-down ip rule del to 10.146.123.8/24 table secondnet
my /etc/sysctl.conf file is as such:

Code:
$ cat /etc/sysctl.conf#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#


#kernel.domainname = example.com


# Uncomment the following to stop low-level messages on console
#kernel.printk = 4 4 1 7


##############################################################3
# Functions previously found in netbase
#


# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1


# Uncomment the next line to enable TCP/IP SYN cookies
#net.ipv4.tcp_syncookies=1


# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1


# Uncomment the next line to enable packet forwarding for IPv6
#net.ipv6.conf.all.forwarding=1




###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Ignore ICMP broadcasts
#net.ipv4.icmp_echo_ignore_broadcasts = 1
#
# Ignore bogus ICMP errors
#net.ipv4.icmp_ignore_bogus_error_responses = 1
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
This is what I get when I restart the networking service:

Code:
 sudo /etc/init.d/networking restart * Reconfiguring network interfaces...                                                                                                                                                                                                       RTNETLINK answers: No such file or directory
RTNETLINK answers: No such process
RTNETLINK answers: No such file or directory
ssh stop/waiting
ssh start/running, process 14441
ssh stop/waiting
ssh start/running, process 14513
and I am unable to ping to 10.146.123.8 from the LAN nor from the internet.

I have no idea what I am doing wrong! Please assist me. All help will be GREATLY appreciated!


Thanks!


Ping examples:


From the internet as well as the LAN to eth0:


Pinging 10.146.112.34 with 32 bytes of data:
Reply from 10.146.112.34: bytes=32 time=44ms TTL=57
Reply from 10.146.112.34: bytes=32 time=42ms TTL=57
Reply from 10.146.112.34: bytes=32 time=42ms TTL=57
Reply from 10.146.112.34: bytes=32 time=42ms TTL=57


Ping statistics for 10.146.112.34:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 42ms, Maximum = 44ms, Average = 42ms





From the box to the internet:

ping www.yahoo.com
PING ds-any-fp3-real.wa1.b.yahoo.com (98.139.180.149) 56(84) bytes of data.
64 bytes from ir1.fp.vip.bf1.yahoo.com (98.139.180.149): icmp_seq=1 ttl=45 time=72.5 ms
64 bytes from ir1.fp.vip.bf1.yahoo.com (98.139.180.149): icmp_seq=2 ttl=45 time=274 ms
64 bytes from ir1.fp.vip.bf1.yahoo.com (98.139.180.149): icmp_seq=3 ttl=43 time=56.3 ms
64 bytes from ir1.fp.vip.bf1.yahoo.com (98.139.180.149): icmp_seq=4 ttl=45 time=58.8 ms
64 bytes from ir1.fp.vip.bf1.yahoo.com (98.139.180.149): icmp_seq=5 ttl=45 time=63.3 ms
64 bytes from ir1.fp.vip.bf1.yahoo.com (98.139.180.149): icmp_seq=6 ttl=43 time=72.3 ms
64 bytes from ir1.fp.vip.bf1.yahoo.com (98.139.180.149): icmp_seq=7 ttl=45 time=70.7 ms
64 bytes from ir1.fp.vip.bf1.yahoo.com (98.139.180.149): icmp_seq=8 ttl=43 time=67.1 ms
^C
--- ds-any-fp3-real.wa1.b.yahoo.com ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7009ms
rtt min/avg/max/mdev = 56.322/91.952/274.355/69.176 ms

from the internet to 10.146.123.8:


Pinging 10.146.123.8 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.


Ping statistics for 10.146.123.8:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),


From the LAN to the box via eth1

Pinging 10.146.123.8 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.


Ping statistics for 10.146.123.8:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

From the box to 10.146.123.1:


:/etc/iproute2$ ping 10.146.123.1
PING 10.146.123.1 (10.146.123.1) 56(84) bytes of data.
From 10.146.123.8 icmp_seq=2 Destination Host Unreachable
From 10.146.123.8 icmp_seq=3 Destination Host Unreachable
From 10.146.123.8 icmp_seq=4 Destination Host Unreachable
From 10.146.123.8 icmp_seq=6 Destination Host Unreachable
From 10.146.123.8 icmp_seq=7 Destination Host Unreachable
From 10.146.123.8 icmp_seq=8 Destination Host Unreachable
From 10.146.123.8 icmp_seq=9 Destination Host Unreachable
From 10.146.123.8 icmp_seq=10 Destination Host Unreachable
From 10.146.123.8 icmp_seq=11 Destination Host Unreachable
From 10.146.123.8 icmp_seq=12 Destination Host Unreachable
From 10.146.123.8 icmp_seq=13 Destination Host Unreachable
From 10.146.123.8 icmp_seq=14 Destination Host Unreachable









Please help! Thanks!
 
Old 11-21-2013, 08:38 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
you can't have two default gateways, it makes no sense.

Based on your configuration, if you want to go to 10.2.3.4... which way would you go? What information do you have to choose eth0 over eth1? Your server needs to be psychic!

Leave the gateway on the internet facing one, and then add a SPECIFIC route, possible to 10.0.0.0/8 via the internal router.
 
Old 11-21-2013, 08:47 AM   #3
linuxr00lz2013
LQ Newbie
 
Registered: Sep 2013
Posts: 20

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
you can't have two default gateways, it makes no sense.

Based on your configuration, if you want to go to 10.2.3.4... which way would you go? What information do you have to choose eth0 over eth1? Your server needs to be psychic!

Leave the gateway on the internet facing one, and then add a SPECIFIC route, possible to 10.0.0.0/8 via the internal router.


thanks for your reply!

So I am guessing when I explicitly specify "gateway 10.146.123.1" in the file, I am in essence, specifying a second default gateway?

What would the proper way of adding a specific static route for the second NIC be?


Thanks again!
 
Old 11-21-2013, 08:49 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
this looks suitable... http://www.cyberciti.biz/faq/ubuntu-...tatic-routing/
 
Old 11-21-2013, 08:53 AM   #5
linuxr00lz2013
LQ Newbie
 
Registered: Sep 2013
Posts: 20

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
Tried it already.. Didnt work unfortunately
 
Old 11-21-2013, 08:57 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
print out the routing table.... "route -n"
 
Old 11-21-2013, 09:01 AM   #7
linuxr00lz2013
LQ Newbie
 
Registered: Sep 2013
Posts: 20

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
print out the routing table.... "route -n"
Ok here is the output

Code:
~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.146.112.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.146.123.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
169.254.95.0    0.0.0.0         255.255.255.0   U     1      0        0 usb0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
0.0.0.0         10.146.123.1    0.0.0.0         UG    100    0        0 eth1
0.0.0.0         10.146.112.1    0.0.0.0         UG    100    0        0 eth0
 
Old 11-21-2013, 09:27 AM   #8
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
right, so there are no routes added there. You need to add them inline with the document.

In the config file, it would be something like:
post-up route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.146.123.1

presuming I've got the right IP for the internal route.

You'll need to delete that invalid default gateway on the internal nic too.
 
Old 11-21-2013, 10:37 AM   #9
linuxr00lz2013
LQ Newbie
 
Registered: Sep 2013
Posts: 20

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
right, so there are no routes added there. You need to add them inline with the document.

In the config file, it would be something like:
post-up route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.146.123.1

presuming I've got the right IP for the internal route.

You'll need to delete that invalid default gateway on the internal nic too.
So I edited the config file to look like this:

Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
        address 10.146.112.34
        netmask 255.255.255.0
        gateway 10.146.112.1


auto eth1
allow-hotplug eth1
iface eth1 inet static
        address 10.146.123.8
        netmask 255.255.255.0
        post-up route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.146.123.1
and it still doesnt let me ping to the 10.146.123.8 address from within the LAN (from what I was told by other engineers, that IP is NAT'd to the outside world)
 
Old 11-21-2013, 10:44 AM   #10
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
ping TO that address? But that's you....??? doing anything that is based on being told something by others where you work isn't something we can really help with.

Once that config is updated, you reloaded the network and then you can see the updated routing table, right?

The most basic way I'd say to test if the routing is working is to use tcpdump to at least see the traffic leaving the right interface.

open a separate login and run "tcpdump -i eth1 -ven" and then do your ping. regardless of reaching an end server or getting a response, that'll show all traffic leaving your box on that interface. if the right traffic is leaving your box, then that's the job done.
 
Old 11-21-2013, 10:53 AM   #11
linuxr00lz2013
LQ Newbie
 
Registered: Sep 2013
Posts: 20

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
ping TO that address? But that's you....??? doing anything that is based on being told something by others where you work isn't something we can really help with.

Once that config is updated, you reloaded the network and then you can see the updated routing table, right?

The most basic way I'd say to test if the routing is working is to use tcpdump to at least see the traffic leaving the right interface.

open a separate login and run "tcpdump -i eth1 -ven" and then do your ping. regardless of reaching an end server or getting a response, that'll show all traffic leaving your box on that interface. if the right traffic is leaving your box, then that's the job done.
Ok basically , the box that I am working on.. the Ubuntu box.. That is a seperate machine that I have SSH'd into. I myself am not on that same network. So I used RDP to remote into a Windows Server 2008 box which is on that same network as the Ubuntu box.. from that Windows 2008 box, I used SSH to access the Ubuntu box... So when I say I am pinging to 10.146.123.8 what I mean is that I am using the Windows Server 2008 box to try to ping to the Ubuntu machine. I want to make sure that eth1 is accepting traffic from the 10.146.123.0 network and sending packets through that same network... That card is being used to communicate with a server used for nightly backups.


ill try what you recommended to see what I get..
 
Old 11-21-2013, 11:02 AM   #12
linuxr00lz2013
LQ Newbie
 
Registered: Sep 2013
Posts: 20

Original Poster
Rep: Reputation: Disabled
Here is the output for the tcpdump command for eth1. I dont know if its showing anything useful:

Code:
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
10:59:16.700108 00:19:aa:48:70:8c > 01:00:0c:00:00:00, 802.3, length 90: LLC, ds                                                                                                                                                             ap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x000                                                                                                                                                             00c), pid Unknown (0x0003): 00 00 00:19:aa:48:70:8c 01:00:0c:cc:cc:cc 66:
        0x0000:  002a aaaa 0300 000c 2004 0100 0100 0d69  .*.............i
        0x0010:  7065 7870 6572 7400 0002 0005 0400 0300  pexpert.........
        0x0020:  0540 0004 000a 0019 aa48 708c 0000 0000  .@.......Hp.....
        0x0030:  95d8 720b                                ..r.
10:59:46.705545 00:19:aa:48:70:8c > 01:00:0c:00:00:00, 802.3, length 90: LLC, ds                                                                                                                                                             ap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x000                                                                                                                                                             00c), pid Unknown (0x0003): 00 00 00:19:aa:48:70:8c 01:00:0c:cc:cc:cc 66:
        0x0000:  002a aaaa 0300 000c 2004 0100 0100 0d69  .*.............i
        0x0010:  7065 7870 6572 7400 0002 0005 0400 0300  pexpert.........
        0x0020:  0540 0004 000a 0019 aa48 708c 0000 0000  .@.......Hp.....
        0x0030:  95d8 720b                                ..r.
11:00:16.721683 00:19:aa:48:70:8c > 01:00:0c:00:00:00, 802.3, length 90: LLC, ds                                                                                                                                                             ap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x000                                                                                                                                                             00c), pid Unknown (0x0003): 00 00 00:19:aa:48:70:8c 01:00:0c:cc:cc:cc 66:
        0x0000:  002a aaaa 0300 000c 2004 0100 0100 0d69  .*.............i
        0x0010:  7065 7870 6572 7400 0002 0005 0400 0300  pexpert.........
        0x0020:  0540 0004 000a 0019 aa48 708c 0000 0000  .@.......Hp.....
        0x0030:  95d8 720b                                ..r.
11:00:46.727680 00:19:aa:48:70:8c > 01:00:0c:00:00:00, 802.3, length 90: LLC, ds                                                                                                                                                             ap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x000                                                                                                                                                             00c), pid Unknown (0x0003): 00 00 00:19:aa:48:70:8c 01:00:0c:cc:cc:cc 66:
        0x0000:  002a aaaa 0300 000c 2004 0100 0100 0d69  .*.............i
        0x0010:  7065 7870 6572 7400 0002 0005 0400 0300  pexpert.........
        0x0020:  0540 0004 000a 0019 aa48 708c 0000 0000  .@.......Hp.....
        0x0030:  95d8 720b                                ..r.
11:01:16.734573 00:19:aa:48:70:8c > 01:00:0c:00:00:00, 802.3, length 90: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid Unknown (0x0003): 00 00 00:19:aa:48:70:8c 01:00:0c:cc:cc:cc 66:
        0x0000:  002a aaaa 0300 000c 2004 0100 0100 0d69  .*.............i
        0x0010:  7065 7870 6572 7400 0002 0005 0400 0300  pexpert.........
        0x0020:  0540 0004 000a 0019 aa48 708c 0000 0000  .@.......Hp.....
        0x0030:  95d8 720b                                ..r.
^C
5 packets captured
5 packets received by filter
0 packets dropped by kernel
 
Old 11-21-2013, 11:25 AM   #13
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
right, that's all just local switch noise, you just need to see actual traffic there, entries saying "1.2.3.4:4321 > 2.3.4.5:80" etc... I presume you still haven't reloaded the networking to implement the config file changes. If the routes aren't in your routing table then obviously it's not going to work
 
Old 11-21-2013, 11:58 AM   #14
linuxr00lz2013
LQ Newbie
 
Registered: Sep 2013
Posts: 20

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
right, that's all just local switch noise, you just need to see actual traffic there, entries saying "1.2.3.4:4321 > 2.3.4.5:80" etc... I presume you still haven't reloaded the networking to implement the config file changes. If the routes aren't in your routing table then obviously it's not going to work

I reloaded it right after I had made the changes. Ill reload it again and here is the routing table:


Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.146.112.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.0.0.0        10.146.123.1    255.255.255.0   UG    0      0        0 eth1
10.146.123.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
169.254.95.0    0.0.0.0         255.255.255.0   U     1      0        0 usb0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
0.0.0.0         10.146.112.1    0.0.0.0         UG    100    0        0 eth0

Output of tcpdump command after second reload:

Code:
sudo tcpdump -i eth1 -ven
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
11:56:23.230117 00:19:aa:48:70:8c > 01:00:0c:00:00:00, 802.3, length 90: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid Unknown (0x0003): 00 00 00:19:aa:48:70:8c 01:00:0c:cc:cc:cc 66:
        0x0000:  002a aaaa 0300 000c 2004 0100 0100 0d69  .*.............i
        0x0010:  7065 7870 6572 7400 0002 0005 0400 0300  pexpert.........
        0x0020:  0540 0004 000a 0019 aa48 708c 0000 0000  .@.......Hp.....
        0x0030:  95d8 720b                                ..r.
11:56:53.237058 00:19:aa:48:70:8c > 01:00:0c:00:00:00, 802.3, length 90: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid Unknown (0x0003): 00 00 00:19:aa:48:70:8c 01:00:0c:cc:cc:cc 66:
        0x0000:  002a aaaa 0300 000c 2004 0100 0100 0d69  .*.............i
        0x0010:  7065 7870 6572 7400 0002 0005 0400 0300  pexpert.........
        0x0020:  0540 0004 000a 0019 aa48 708c 0000 0000  .@.......Hp.....
        0x0030:  95d8 720b                                ..r.
11:57:23.245677 00:19:aa:48:70:8c > 01:00:0c:00:00:00, 802.3, length 90: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid Unknown (0x0003): 00 00 00:19:aa:48:70:8c 01:00:0c:cc:cc:cc 66:
        0x0000:  002a aaaa 0300 000c 2004 0100 0100 0d69  .*.............i
        0x0010:  7065 7870 6572 7400 0002 0005 0400 0300  pexpert.........
        0x0020:  0540 0004 000a 0019 aa48 708c 0000 0000  .@.......Hp.....
        0x0030:  95d8 720b                                ..r.
11:57:53.252232 00:19:aa:48:70:8c > 01:00:0c:00:00:00, 802.3, length 90: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid Unknown (0x0003): 00 00 00:19:aa:48:70:8c 01:00:0c:cc:cc:cc 66:
        0x0000:  002a aaaa 0300 000c 2004 0100 0100 0d69  .*.............i
        0x0010:  7065 7870 6572 7400 0002 0005 0400 0300  pexpert.........
        0x0020:  0540 0004 000a 0019 aa48 708c 0000 0000  .@.......Hp.....
        0x0030:  95d8 720b                                ..r.

When I performed the reload, this is what I got:

Code:
 
Reconfiguring network interfaces...                                                                                                                                                                                                       RTNETLINK answers: No such process
ssh stop/waiting
ssh start/running, process 438
ssh stop/waiting
ssh start/running, process 501

Last edited by linuxr00lz2013; 11-21-2013 at 12:00 PM.
 
Old 11-21-2013, 12:58 PM   #15
enyawix
Member
 
Registered: Sep 2003
Location: ky
Distribution: gentoo
Posts: 409

Rep: Reputation: 32
Quote:
Originally Posted by acid_kewpie View Post
you can't have two default gateways, it makes no sense.

Based on your configuration, if you want to go to 10.2.3.4... which way would you go? What information do you have to choose eth0 over eth1? Your server needs to be psychic!

Leave the gateway on the internet facing one, and then add a SPECIFIC route, possible to 10.0.0.0/8 via the internal router.
You can have two default gateways you get equal cost load balancing assuming the administrative distance is the same for each link. Cisco routers do this all the time. I am sure Linux can do it to.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Two NICS one web server and Two Gateways walk into a bar... dr_rockstar66 Linux - Networking 2 02-23-2005 05:23 PM
plz plz solve my route mapping problem nedian123 Linux - Networking 1 07-12-2004 10:41 PM
2 NICs 2 networks 2 gateways birkinshawc Linux - Networking 1 05-29-2004 04:05 PM
Howto set up 2 different gateways for 2 different nics kemplej Slackware 1 05-18-2004 12:53 PM
SuSE 9.0 Two NICs, only first assigned DNS mwooten111 Linux - Distributions 1 04-21-2004 10:56 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:03 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration