[BlueOnyx:26641] Re: Interfaces and default routes

Darren Wolfe darren at intersys-group.com
Thu Dec 7 08:33:23 -05 2023 

Hi,

I've adjusted for privacies sake, but the last octet is unchanged so the netmasks and network ranges make sense

eth0 (public interface): 1.1.1.238, netmask 255.255.255.224
Gateway address is 1.1.1.225

eth1 (private interface): 192.168.17.18, netmask 255.255.255.0
No gateway address or any other routes needed, this is used as a simple DMZ



> -----Original Message-----
> From: Taco Scargo <taco at blueonyx.nl>
> Sent: Thursday, December 7, 2023 8:35 AM
> To: Darren Wolfe <darren at intersys-group.com>; BlueOnyx General Mailing List
> <blueonyx at mail.blueonyx.it>
> Subject: Re: [BlueOnyx:26639] Interfaces and default routes
> 
> Darren,
> 
> Would you be so kind to share the IP addresses of the interfaces?
> Because the routing table does not make sense at all and it almost seems that
> both interfaces share the same network address space, which you should never
> do.
> 
> Thanks,
> 
> Taco
> 
> > On 7 Dec 2023, at 00:44, Darren Wolfe via Blueonyx
> <blueonyx at mail.blueonyx.it> wrote:
> >
> > Hi,
> >
> >> Indeed, the IPv6 autoconf=no should be set. I'll see to it.
> >
> > Thank you!
> >
> >> As for the default gateway? In my understanding there should be only one
> >> default gateway and that should apply to all interfaces. There may be
> >> additional routes that direct traffic destined for an internal network
> >> to the interface that the internal network is connected to. Or if
> >> OpenVPN is present, there ought to be a route that allows traffic to be
> >> directed to the private network that OpenVPN clients use.
> >>
> >> But there shouldn't be two default gateways.
> >
> >
> > I shouldn't have confused the issue by mentioning two public default routes, but
> the idea that the default gateway should apply to all interfaces is an assumption
> that does not always hold. In my case, the public-facing interface has a public IP
> address as one would expect, but there is a DMZ network on a different interface
> and private address range which should not have the same default route applied
> to it.
> >
> > I may be misinterpreting what I see on the boxes which is that when the server
> is rebooted.  This is how it looks:
> > eth0 is the public interface, eth1 is the private (ip's have been changed)
> >
> > Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> > 0.0.0.0         1.1.1.225       0.0.0.0         UG    100    0        0 eth0
> > 0.0.0.0         1.1.1.225       0.0.0.0         UG    101    0        0 eth1
> > 1.1.1.224       0.0.0.0         255.255.255.224 U     100    0        0 eth0
> > 1.1.1.225       0.0.0.0         255.255.255.255 UH    101    0        0 eth1
> > 192.168.17.0    0.0.0.0         255.255.255.0   U     101    0        0 eth1
> >
> > I don't know what that 4th rule is attempting to do..
> >
> > Sometimes eth1 will get the lower route metric, which results in no network
> connectivity. Even like the above, active monitor says:
> > The network interface eth0 is down. The network interface eth1 is down.
> >
> > If the incorrect routes - the 2nd and 4th in the above, are removed, all is well.
> >
> >
> >
> >
> > _______________________________________________
> > Blueonyx mailing list
> > Blueonyx at mail.blueonyx.it
> > http://mail.blueonyx.it/mailman/listinfo/blueonyx

More information about the Blueonyx mailing list