Gateway Question

Hi

There is a CentOS 7 up-to-date box with 2 interfaces, let’s say
192.168.1.12 – enp2s0, 192.168.1.13 on enp3s0. Default gateway on enp2s0.

The gateway is pfsense, IP is 192.168.1.1 with 2 WAN connections

On the gateway the outgoing traffic is routed by source ip to different WAN, 192.168.1.12 to WAN1 and 192.168.1.13 to WAN2

On the CentOS box are set all the route and routing rules:

route-enp2s0:
192.168.1.0/24 dev enp2s0 src 192.168.1.12 table t2
default via 192.168.1.1 dev enp2s0 table t2

route-enp3s0:
192.168.1.0/24 dev enp3s0 src 192.168.1.13 table t3
default via 192.168.1.1 dev enp3s0 table t3

rule-enp2s0:
from 192.168.1.12/32 table t2
to 192.168.1.12/32 table t2

rule-enp3s0:
from 192.168.1.13/32 table t3
to 192.168.1.13/32 table t3

It all works when I add
# route add default gw 192.168.1.1 dev enp3s0

And that way I have:

# ip route show
default via 192.168.1.1 dev enp3s0
default via 192.168.1.1 dev enp2s0
169.254.0.0/16 dev enp2s0 scope link metric 1002
169.254.0.0/16 dev enp3s0 scope link metric 1003
192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13

But how can I achieve this only with the ip route command … without route?
Can I add this in any config files (ex: route-enp2s0)?

Thanks

19 thoughts on - Gateway Question

  • Hi,

    You can define your default gateway in “/etc/sysconfig/network” file,

    GATEWAY="192.168.1.1"

    After that, restart network services.

    # systemctl restart network

    –Regards Ashishkumar S. Yadav

  • It’s defined …. and it is in routing table … the only thing added is:
    # route add default gw 192.168.1.1 dev enp3s0

    Basically I have 2 default gateways or, if you wish, the same gateway is defined as default but on different interface

    # ip route show
    >> default via 192.168.1.1 dev enp3s0
    >> default via 192.168.1.1 dev enp2s0
    >> 169.254.0.0/16 dev enp2s0 scope link metric 1002
    >> 169.254.0.0/16 dev enp3s0 scope link metric 1003
    >> 192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12
    >> 192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13

  • Hi Levente.

    The iproute2 man page for each command is rather well documented on CentOS 7. For instance, to view the specifics of *ip route*, type *man ip-route*. On older versions of CentOS, all commands to ip have been lumped into *man ip*.

    Also, would you care to explain why you’d want to have the same subnet on 2 interfaces of the same device? If both networks had a host with the same IP, and another host on either one of the networks needed to talk to one of them, how would the router know which one to talk to?

    I have encountered this before where one company acquired another and they both had same subnet IPs. Before we renumbered one of the subnets, we resolved this via iptables mungling and policy routing. So, it’s doable, but why when there’s a plentiful supply of RFC1918 IP addresses?

    Regards, ak.

  • As I said in the initial message, the CentOS box needs to access the internet on both interfaces; the gateway, depending on the source IP (the two IPs allocated on the CentOS box on two interfaces), routes the traffic to a different WAN connection.

    My problem simply is that on the CentOS box I cannot access the internet on the second interface (i.e. second WAN connection) without the command: # route add default gw 192.168.1.1 dev enp3s0

    I’d like to mention that any traffic on the LAN is going in/out on the right interface … just the internet cannot be reached on the second interface.

    What I don’t understand is why the route command allows adding a second default gateway with a different interface, but the ip route command doesn’t?

    Thanks

  • You can only have one default gateway.

    It sounds to me like you want to use both interfaces, which are both on the same subnet and would connect to the same gateway, as some sort of load-balanced network, where traffic is evenly distributed across both interfaces? Or did I mis-read your initial question?

  • No, there is no load-balancing…. It is a server on the LAN with two NICs, two IPs and I want to access the internet on both interfaces … which means, practically, a different WAN connection, but from the server’s point of view it doesn’t matter; the routing to a different WAN is the gateway’s job. And as I said in the initial message I achieved this … :)
    The question is how can I achieve this in a more elegant way, because the “route” command is deprecated anyway.

    So, again:
    CentOS 7
    2 NICs enp2s0-192.168.1.12
    enp3s0-192.168.1.13
    default gateway on enp2s0 is 192.168.1.1, defined in /etc/sysconfig/network

    In which other way (preferably with “ip route”) can I add this, other than:
    # route add default gw 192.168.1.1 dev enp3s0
    ????

    Thanks Levi

  • Yes, but no :)

    I did all this and it is working on the LAN … all traffic goes in/out on the proper interface … the problem is when I try to access the internet on the second interface ….

    If I add “# route add default gw 192.168.1.1 dev enp3s0” all is good, but I cannot add that in the route-iface file or with “ip route” ….

    Thanks Levi

  • Those are both the same network, and the default gateway is a global thing. Packets forwarded to 192.168.1.1 could use either 192.168.1.12 or .13, as they are all the same. In reality, they will use the first match they find.

  • How do you try and access the ‘internet on the second interface’ when it’s all the same subnet?? It’s the same internet, isn’t it?

  • Are you using the “network” or the “NetworkManager” service to configure your network? I haven’t verified that the route- files are supported by NetworkManager.

    If you are using the older “network” service, then you might be getting the syntax of the route- file wrong. If you included the contents of your ifcfg- and route- files, we could check.

    Generally, I’m quite certain that the document I provided describes how to accomplish specifically what you’re trying to accomplish.

  • Generally, but not necessarily. What Birta is trying to accomplish is called “multi-homing.” The Oracle document I linked to is one of the shortest, accurate descriptions of its configuration on Red Hat derived systems that I’ve come across.

  • I’m using the older network service … I hate NetworkManager :)
    And all that content was included in the original post, but a copy/paste is not a problem:

    route-enp2s0:
    192.168.1.0/24 dev enp2s0 src 192.168.1.12 table t2
    default via 192.168.1.1 dev enp2s0 table t2

    route-enp3s0:
    192.168.1.0/24 dev enp3s0 src 192.168.1.13 table t3
    default via 192.168.1.1 dev enp3s0 table t3

    rule-enp2s0:
    from 192.168.1.12/32 table t2
    to 192.168.1.12/32 table t2

    rule-enp3s0:
    from 192.168.1.13/32 table t3
    to 192.168.1.13/32 table t3

  • Same internet, yes, but I want it through a different WAN connection. For example, postfix can be bound to different interfaces. But in this case I want to monitor the two WAN connections with ping. And with ping the ICMP packets can be sent on different interfaces.

  • I read the document again … and this talks about accessing this multi-homed host from the internet… I have all this configured and working!

    My problem is when a connection is initiated on this multi-homed or whatever host … and the difference is that in my case the gateway is the same for both interfaces.

    And as I said this problem is resolved too … I asked for another way to achieve this.

  • You say this is working because of the output here?

    # ip route show
    default via 192.168.1.1 dev enp3s0
    default via 192.168.1.1 dev enp2s0
    169.254.0.0/16 dev enp2s0 scope link metric 1002
    169.254.0.0/16 dev enp3s0 scope link metric 1003
    192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12
    192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13

  • Yep…

    default is:
    # ip route show
    default via 192.168.1.1 dev enp2s0
    169.254.0.0/16 dev enp2s0 scope link metric 1002
    169.254.0.0/16 dev enp3s0 scope link metric 1003
    192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12
    192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13

    and this way it does not work.

    Then with the following command:
    # route add default gw 192.168.1.1 dev enp3s0

    Hurray … it works :)

  • When you add a default gateway with:

    route add default gw 192.168.1.1 dev enp3s0

    you’ll note that you now have 2 routes with the same metric of 0 (use route -n to see the metric field – couldn’t get ip route to show me the metric).

    When using ip route command, you need to specify a different metric otherwise it won’t take. To me, ip route is doing the right thing as having 2 gateways with the same metric will confuse the routing process.

    If you need to use ip route to add another default gateway, make sure to use a different metric:

    ip route add 0/0 via 192.168.1.1 dev enp3s0 metric

    ak.

  • Yeah … the metric solved it

    Just added to route-enp3s0:
    0/0 via 192.168.1.1 dev enp3s0 metric 1

    Thanks!!
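
The metric fix from the last two posts, as an added example that is not part of the original thread: a Python sketch that reads `ip route show` output, finds interfaces on the gateway's subnet that have no default route in the main table, and builds the route-<iface> line with a metric no existing default route uses. The function names and the embedded table (copied from the thread's "before" output) are constructed for illustration.

```python
import ipaddress

# Constructed sample: the thread's main table before the second default route.
BEFORE = """\
default via 192.168.1.1 dev enp2s0
169.254.0.0/16 dev enp2s0 scope link metric 1002
169.254.0.0/16 dev enp3s0 scope link metric 1003
192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.12
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.13
"""
DEFAULTS = ("default", "0/0", "0.0.0.0/0")


def field(tokens, key, fallback=None):
    """Value that follows `key` in a tokenised route line, or fallback."""
    return tokens[tokens.index(key) + 1] if key in tokens[:-1] else fallback


def parse(text):
    """Return (default routes as (dev, metric), connected subnets as (net, dev))."""
    defaults, connected = [], []
    for tokens in filter(None, map(str.split, text.splitlines())):
        if tokens[0] in DEFAULTS:
            # A default route printed without "metric" has metric 0.
            defaults.append((field(tokens, "dev"), int(field(tokens, "metric", 0))))
        elif "via" not in tokens:
            try:
                connected.append((ipaddress.ip_network(tokens[0]), field(tokens, "dev")))
            except ValueError:
                continue  # e.g. "unreachable ..." entries: not a connected subnet
    return defaults, connected


def missing_default_lines(text, gateway):
    """route-<iface> lines for interfaces that reach the gateway but have no default."""
    defaults, connected = parse(text)
    have = {dev for dev, _ in defaults}
    used = {metric for _, metric in defaults}
    gw, lines = ipaddress.ip_address(gateway), {}
    for net, dev in connected:
        if gw in net and dev not in have and dev not in lines:
            # Lowest metric no existing default route uses, so the new route is distinct.
            metric = next(m for m in range(2**32) if m not in used)
            used.add(metric)
            lines[dev] = f"0/0 via {gateway} dev {dev} metric {metric}"
    return lines


if __name__ == "__main__":
    for dev, line in missing_default_lines(BEFORE, "192.168.1.1").items():
        print(f"route-{dev}: {line}")
```

Run against the "before" table it yields the same line the original poster ended up adding to route-enp3s0; run against a table that already has both default routes it yields nothing.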