[BlueOnyx:26642] Re: Interfaces and default routes
Taco Scargo
taco at blueonyx.nl
Thu Dec 7 10:15:16 -05 2023
I see 1.1.1.225 is configured on eth1 as well though.
That should not be.
I think that is why the default gateway is also “attached” to eth1.
>>> 1.1.1.225 0.0.0.0 255.255.255.255 UH 101 0 0 eth1
> On 7 Dec 2023, at 14:33, Darren Wolfe via Blueonyx <blueonyx at mail.blueonyx.it> wrote:
>
> Hi,
>
> I've adjusted for privacies sake, but the last octet is unchanged so the netmasks and network ranges make sense
>
> eth0 (public interface): 1.1.1.238, netmask 255.255.255.224
> Gateway address is 1.1.1.225
>
> eth1 (private interface): 192.168.17.18, netmask 255.255.255.0
> No gateway address or any other routes needed, this is used as a simple DMZ
>
>
>
>> -----Original Message-----
>> From: Taco Scargo <taco at blueonyx.nl>
>> Sent: Thursday, December 7, 2023 8:35 AM
>> To: Darren Wolfe <darren at intersys-group.com>; BlueOnyx General Mailing List
>> <blueonyx at mail.blueonyx.it>
>> Subject: Re: [BlueOnyx:26639] Interfaces and default routes
>>
>> Darren,
>>
>> Would you be so kind to share the IP addresses of the interfaces?
>> Because the routing table does not make sense at all and it almost seems that
>> both interfaces share the same network address space, which you should never
>> do.
>>
>> Thanks,
>>
>> Taco
>>
>>> On 7 Dec 2023, at 00:44, Darren Wolfe via Blueonyx
>> <blueonyx at mail.blueonyx.it> wrote:
>>>
>>> Hi,
>>>
>>>> Indeed, the IPv6 autoconf=no should be set. I'll see to it.
>>>
>>> Thank you!
>>>
>>>> As for the default gateway? In my understanding there should be only one
>>>> default gateway and that should apply to all interfaces. There may be
>>>> additional routes that direct traffic destined for an internal network
>>>> to the interface that the internal network is connected to. Or if
>>>> OpenVPN is present, there ought to be a route that allows traffic to be
>>>> directed to the private network that OpenVPN clients use.
>>>>
>>>> But there shouldn't be two default gateways.
>>>
>>>
>>> I shouldn't have confused the issue by mentioning two public default routes, but
>> the idea that the default gateway should apply to all interfaces is an assumption
>> that does not always hold. In my case, the public-facing interface has a public IP
>> address as one would expect, but there is a DMZ network on a different interface
>> and private address range which should not have the same default route applied
>> to it.
>>>
>>> I may be misinterpreting what I see on the boxes which is that when the server
>> is rebooted. This is how it looks:
>>> eth0 is the public interface, eth1 is the private (ip's have been changed)
>>>
>>> Destination Gateway Genmask Flags Metric Ref Use Iface
>>> 0.0.0.0 1.1.1.225 0.0.0.0 UG 100 0 0 eth0
>>> 0.0.0.0 1.1.1.225 0.0.0.0 UG 101 0 0 eth1
>>> 1.1.1.224 0.0.0.0 255.255.255.224 U 100 0 0 eth0
>>> 1.1.1.225 0.0.0.0 255.255.255.255 UH 101 0 0 eth1
>>> 192.168.17.0 0.0.0.0 255.255.255.0 U 101 0 0 eth1
>>>
>>> I don't know what that 4th rule is attempting to do..
>>>
>>> Sometimes eth1 will get the lower route metric, which results in no network
>> connectivity. Even like the above, active monitor says:
>>> The network interface eth0 is down. The network interface eth1 is down.
>>>
>>> If the incorrect routes - the 2nd and 4th in the above, are removed, all is well.
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Blueonyx mailing list
>>> Blueonyx at mail.blueonyx.it
>>> http://mail.blueonyx.it/mailman/listinfo/blueonyx
>
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20231207/8c0aad57/attachment.html>
More information about the Blueonyx
mailing list