Gateway Question
Hi
There is a CentOS 7 up-to-date box with 2 interfaces, let’s say
192.168.1.12 – enp2s0, 192.168.1.13 on enp3s0. Default gateway on enp2s0.
The gateway is pfsense, IP is 192.168.1.1 with 2 WAN connections
On the gateway the outgoing traffic is routed by source ip to different WAN, 192.168.1.12 to WAN1 and 192.168.1.13 to WAN2
On the CentOS box are set all the route and routing rules:
route-enp2s0:
192.168.1.0/24 dev enp2s0 src 192.168.1.12 table t2
default via 192.168.1.1 dev enp2s0 table t2
route-enp3s0:
192.168.1.0/24 dev enp3s0 src 192.168.1.13 table t3
default via 192.168.1.1 dev enp3s0 table t3
rule-enp2s0:
from 192.168.1.12/32 table t2
to 192.168.1.12/32 table t2
rule-enp3s0:
from 192.168.1.13/32 table t3
to 192.168.1.13/32 table t3
All work when I add
#route add default gw 192.168.1.1 dev enp3s0
And that way I have :
# ip route show
default via 192.168.1.1 dev enp3s0
default via 192.168.1.1 dev enp2s0
169.254.0.0/16 dev enp2s0 scope link metric 1002
169.254.0.0/16 dev enp3s0 scope link metric 1003
192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13
But how can I achieve this only with the ip route command … without route?
Can I add this in any config files (ex: route-enp2s0)?
Thanks
19 thoughts on - Gateway Question
Hi,
You can define your default gateway in “/etc/sysconfig/network” file,
GATEWAY="192.168.1.1"
After that, restart network services.
# systemctl restart network
–Regards Ashishkumar S. Yadav
It’s defined …. and it is in routing table … the only thing added is:
#route add default gw 192.168.1.1 dev enp3s0
Basically I have 2 default gateways or, if you wish, the same gateway is defined as default but on different interface
# ip route show
>> default via 192.168.1.1 dev enp3s0
>> default via 192.168.1.1 dev enp2s0
>> 169.254.0.0/16 dev enp2s0 scope link metric 1002
>> 169.254.0.0/16 dev enp3s0 scope link metric 1003
>> 192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12
>> 192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13
Hi Levente.
The iproute2 man page for each command is rather well documented on CentOS 7. For instance, to view the specifics of *ip route*, type *man ip-route*. On older versions of CentOS, all commands to ip have been lumped into *man ip*.
Also, would you care to explain why you’d want to have the same subnet on 2 interfaces of the same device? If both networks had a host with the same IP, and another host on either one of the networks needed to talk to one of them, how would the router know which one to talk to?
I have encountered this before where one company acquired another and they both had same subnet IP’s. Before we renumbered one of the subnets, we resolved this via iptables mungling and policy routing. So, it’s doable, but why when there’s plentiful supply of RFC1918 IP addresses?
Regards, ak.
As I said in the initial message, the CentOS box needs to access the internet on both interfaces; the gateway, depending on the source IP (the two IPs allocated on the CentOS box on two interfaces), routes the traffic to a different WAN connection.
My problem simply is that on the CentOS box I cannot access the internet on the second interface (i.e. second WAN connection) without the command: #route add default gw 192.168.1.1 dev enp3s0
I’d like to mention that any traffic on the LAN is going in/out on the right interface … just the internet cannot be reached on the second interface.
What I don’t understand is why the route command allows adding a second default gateway with a different interface, but the ip route command doesn’t?
Thanks
You can only have one default gateway.
It sounds to me like you want to use both interfaces, which are both on the same subnet and would connect to the same gateway, as some sort of load-balanced network, where traffic is evenly distributed across both interfaces? Or did I mis-read your initial question?
Yes. Add a route file for each interface, and set up rules to send packets out the corresponding physical interface:
https://blogs.oracle.com/networking/entry/advance_routing_for_multi_homed
No, there is no load-balancing…. It is a server on the LAN with two NICs, two IPs and I want to access the internet on both interfaces … which means, practically, different WAN connection, but from the server’s point of view doesn’t matter, the routing to different WAN is a job of gateway’s. And as I said in the initial message I achieved this … :)
The question is how can I achieve this in a more elegant way, because the “route” command is deprecated anyway.
So, again:
CentOS 7
2 NICs enp2s0-192.168.1.12
enp3s0-192.168.1.13
default gateway on enp2s0 is 192.168.1.1, defined in /etc/sysconfig/network
Which other way (preferred with “ip route”) can I add this, but:
#route add default gw 192.168.1.1 dev enp3s0
????
Thanks Levi
Yes, but no :)
I do all this and working on LAN … all traffic go in/out on the proper interface … the problem is when I try to access the internet on the second interface ….
If I add “#route add default gw 192.168.1.1 dev enp3s0” all is good, but cannot add that in route-iface file or with “ip route” ….
Thanks Levi
those are both the same network, and the default gateway is a global thing. packets forwarded to 192.168.1.1 could use either 192.168.1.12 or .13, as they are all the same. in reality, they will use the first match they find.
how do you try and access the ‘internet on the second interface’ when it’s all the same subnet?? it’s the same internet, isn’t it?
Are you using the “network” or the “NetworkManager” service to configure your network? I haven’t verified that the route- files are supported by NetworkManager.
If you are using the older “network” service, then you might be getting the syntax of the route- file wrong. If you included the contents of your ifcfg- and route- files, we could check.
Generally, I’m quite certain that the document I provided describes how to accomplish specifically what you’re trying to accomplish.
Generally, but not necessarily. What Birta is trying to accomplish is called “multi-homing.” The oracle document I linked to is one of the shortest, accurate descriptions of its configuration on Red Hat derived systems that I’ve come across.
I’m using older network service … I hate NetworkManager :)
And all that content was included in the original post, but a copy/paste is not a problem:
route-enp2s0:
192.168.1.0/24 dev enp2s0 src 192.168.1.12 table t2
default via 192.168.1.1 dev enp2s0 table t2
route-enp3s0:
192.168.1.0/24 dev enp3s0 src 192.168.1.13 table t3
default via 192.168.1.1 dev enp3s0 table t3
rule-enp2s0:
from 192.168.1.12/32 table t2
to 192.168.1.12/32 table t2
rule-enp3s0:
from 192.168.1.13/32 table t3
to 192.168.1.13/32 table t3
Same internet, yes, but I want it through a different WAN connection. For example, postfix can be bound to different interfaces. But in this case I want to monitor the two WAN connections with ping. And with ping the ICMP packets can be sent on different interfaces.
I read the document again … and this talk about accessing this multi-homed host from the internet… I have all this configured and working!
My problem is when a connection is initiated on this multi-homed or whatever host … and the difference is that in my case the gateway is the same for both interfaces
And as I said this problem is resolved too … I asked for another way to achieve this
You say this is working because of the output here?
# ip route show
default via 192.168.1.1 dev enp3s0
default via 192.168.1.1 dev enp2s0
169.254.0.0/16 dev enp2s0 scope link metric 1002
169.254.0.0/16 dev enp3s0 scope link metric 1003
192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13
Yep…
default is:
# ip route show
default via 192.168.1.1 dev enp2s0
169.254.0.0/16 dev enp2s0 scope link metric 1002
169.254.0.0/16 dev enp3s0 scope link metric 1003
192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13
and this way not work
Then with the following command:
#route add default gw 192.168.1.1 dev enp3s0
Hurray … work :)
When you add a default gateway with:
route add default gw 192.168.1.1 dev enp3s0
you’ll note that you now have 2 routes with the same metric of 0 (use route -n to see the metric field – couldn’t get ip route to show me the metric).
When using ip route command, you need to specify a different metric otherwise it won’t take. To me, ip route is doing the right thing as having 2 gateways with the same metric will confuse the routing process.
If you need to use ip route to add another default gateway, make sure to use a different metric:
ip route add 0/0 via 192.168.1.1 dev enp3s0 metric
ak.
———————————-
Yeah … the metric solved
Just added to route-enp3s0:
0/0 via 192.168.1.1 dev enp3s0 metric 1
Thanks!!
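A check built on the metric explanation above, as an added example that is not part of the original thread: it parses `ip route show` text from stdin and flags default routes that share a metric. The function names and the second sample table are assumptions constructed for illustration; the first table is the output posted in the thread (shortened).

```shell
#!/bin/sh
# Added example: read `ip route show` text on stdin and report default routes
# that share a metric. iproute2 prints no "metric" field when the metric is 0.

# Print "<metric> <dev>" for every default route, one per line.
default_routes() {
    awk '$1 == "default" {
        metric = 0; dev = "?"
        for (i = 2; i < NF; i++) {
            if ($i == "metric") metric = $(i + 1)
            if ($i == "dev")    dev = $(i + 1)
        }
        print metric, dev
    }'
}

# Print each metric used by more than one default route, with its devices.
# Exit status 0 = no clash, 1 = at least one clash.
duplicate_default_metrics() {
    default_routes | awk '
        { n[$1]++; devs[$1] = devs[$1] " " $2 }
        END {
            bad = 0
            for (m in n) if (n[m] > 1) { print "metric " m ":" devs[m]; bad = 1 }
            exit bad
        }'
}

# Table from the thread after "route add default gw ... dev enp3s0" (shortened).
TABLE_ROUTE_CMD='default via 192.168.1.1 dev enp3s0
default via 192.168.1.1 dev enp2s0
169.254.0.0/16 dev enp2s0 scope link metric 1002
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13'

# Constructed: expected table once route-enp3s0 carries "metric 1".
TABLE_WITH_METRIC='default via 192.168.1.1 dev enp2s0
default via 192.168.1.1 dev enp3s0 metric 1
192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12'

printf '%s\n' "$TABLE_ROUTE_CMD"   | duplicate_default_metrics || echo "clash found"
printf '%s\n' "$TABLE_WITH_METRIC" | duplicate_default_metrics && echo "metrics distinct"
```

On a live host the same functions can be fed with `ip route show | duplicate_default_metrics`.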