How to adjust routing of external packets to one NIC instead of another NIC?

rfreiberger · 04-13-2010, 01:18 PM

Hello,

I'm running Ubuntu 9.10 server at home on VMware Workstation 7. I have two NIC's configured, one NIC is setup to have a direct connection to the network "Bridged", another NIC is setup to have a private network connection on VMnet1.

Network card 1 - 192.168.1.160 (Bridged)
Network card 2 - 10.1.1.1 (Internal access only)

So when I try to access the Internet, I can not go out on the NIC 1. If I try to ping google.com I get a return from 10.1.1.1 "no reply". But I know that NIC 2 is working, because I can ping 192.168.1.160 from the workstation I'm running on.

So I think that my routing is sending traffic out to the wrong NIC, but not sure if this is a metric in the iptables or another place?

The reason for two NICS is to simulate a DMZ where the server will be running Squid, to test proxy from another workstation on the 10.1.1.X subnet.

Thanks!

hi2arun · 04-13-2010, 04:46 PM

Where is your default route pointing to?

Quote:

route -n

If the default route is via NIC-2, then you need to change it to be via NIC-1

alli_yas · 04-14-2010, 09:52 AM

hi2arun is quite right - a route -n will show your default gateway and hence the default route for getting out.

What strikes me as strange is that your NIC 1 has an IP of 192.168.1.160 - which from my networking knowledge should be unroutable and hence unable to get to the internet (unless its part of a private network with another device that CAN connect to the internet and your machine is sharing the network on that box).

Lastly, you should check what DNS you have configured (more /etc/resolv.conf) - since this will be critical for doing something like # ping www.google.com

rfreiberger · 04-14-2010, 01:20 PM

Quote:

Originally Posted by alli_yas

hi2arun is quite right - a route -n will show your default gateway and hence the default route for getting out.

What strikes me as strange is that your NIC 1 has an IP of 192.168.1.160 - which from my networking knowledge should be unroutable and hence unable to get to the internet (unless its part of a private network with another device that CAN connect to the internet and your machine is sharing the network on that box).

Lastly, you should check what DNS you have configured (more /etc/resolv.conf) - since this will be critical for doing something like # ping www.google.com

Sorry I should have pointed that out. My VMware Workstation is running on my desktop machine which is on my home network. The 192.168.1.X subnet is the home lan but has access to the Internet. It's not perfect but it's emulating what it would be like on a DMZ where the home network is the Internet.

I'm not sure it's a DNS problem, I have my DNS pointed to OpenDNS which is also used on my network. The problem is as soon as I up the second NIC, I can ping to the interfaces, but nothing can get out. As soon as I down the NIC, everything works.

I built the same environment at work, this time planning to deploy it with two subnets, similar to the same thing but instead of the DMZ I'm going to place it on the internal network but the second NIC will just have an allow rule for Internet access.