Hi All,
I have 2 NICS in this system. CentOS 6.4
eth0 is the virtual IP from PFSense mapping connected to the router, works fine.
eth1 is a second NIC that I have assigned a private IP to and connected it to a switch on the private network. I have many other private devices, so I know this setup works.
When I connect the cable to the switch and bring up eth1 the system basically stops taking requests. I can no longer SSH in, Websites stop responding, etc. If I walk over to the server and take down eth1, everything works fine.
Here is eth0: DEVICE=eth0 HWADDR=00:1b:21:cd:80:bf TYPE=Ethernet UUID=68a95912-3915-4b1a-9080-eb2017330153 ONBOOT=yes NM_CONTROLLED=yes BOOTPROTO=none IPADDR=192.168.1.27 NETMASK=255.255.255.0 DNS2=8.8.4.4 GATEWAY=192.168.1.1 DNS1=8.8.8.8 IPV6INIT=no USERCTL=no
Here is eth1: DEVICE=eth1 HWADDR=00:0a:cd:17:07:7e TYPE=Ethernet UUID=b3851363-ae9e-4066-8993-caed07b9945b ONBOOT=no NM_CONTROLLED=yes BOOTPROTO=none IPADDR=10.0.254.11 NETMASK=255.255.255.0 GATEWAY=10.0.254.1 DNS1=8.8.8.8 DNS2=8.8.4.4 IPV6INIT=no USERCTL=no
I have never experienced this before.
Also, when I check system-config-network-tui, some .bak, which I made, but deleted the files from the file system when I was trying a few things. But how do I get rid of them?
I attached a screenshot
Jason
On 04/16/2013 01:37 PM, Jason T. Slack-Moehrle wrote:
Hi All,
I have 2 NICS in this system. CentOS 6.4
eth0 is the virtual IP from PFSense mapping connected to the router, works fine.
eth1 is a second NIC that I have assigned a private IP to and connected it to a switch on the private network. I have many other private devices, so I know this setup works.
When I connect the cable to the switch and bring up eth1 the system basically stops taking requests. I can no longer SSH in, Websites stop responding, etc. If I walk over to the server and take down eth1, everything works fine.
Here is eth0: DEVICE=eth0 HWADDR=00:1b:21:cd:80:bf TYPE=Ethernet UUID=68a95912-3915-4b1a-9080-eb2017330153 ONBOOT=yes NM_CONTROLLED=yes BOOTPROTO=none IPADDR=192.168.1.27 NETMASK=255.255.255.0 DNS2=8.8.4.4 GATEWAY=192.168.1.1 DNS1=8.8.8.8 IPV6INIT=no USERCTL=no
Here is eth1: DEVICE=eth1 HWADDR=00:0a:cd:17:07:7e TYPE=Ethernet UUID=b3851363-ae9e-4066-8993-caed07b9945b ONBOOT=no NM_CONTROLLED=yes BOOTPROTO=none IPADDR=10.0.254.11 NETMASK=255.255.255.0 GATEWAY=10.0.254.1 DNS1=8.8.8.8 DNS2=8.8.4.4 IPV6INIT=no USERCTL=no
I have never experienced this before.
Remove the GATEWAY line from eth1, unless you have another router (with its own access to the Internet) at 10.0.254.1. If eth0 points at your upstream, then this is unlikely.
I do have another gateway at 10.0.254.1, it is a Linksys router that all the provate stuff plugs into, and that Linksys plugs directly into our modem.
On Tue, Apr 16, 2013 at 10:42 AM, Michael Mol mikemol@gmail.com wrote:
On 04/16/2013 01:37 PM, Jason T. Slack-Moehrle wrote:
Hi All,
I have 2 NICS in this system. CentOS 6.4
eth0 is the virtual IP from PFSense mapping connected to the router,
works
fine.
eth1 is a second NIC that I have assigned a private IP to and connected
it
to a switch on the private network. I have many other private devices,
so I
know this setup works.
When I connect the cable to the switch and bring up eth1 the system basically stops taking requests. I can no longer SSH in, Websites stop responding, etc. If I walk over to the server and take down eth1, everything works fine.
Here is eth0: DEVICE=eth0 HWADDR=00:1b:21:cd:80:bf TYPE=Ethernet UUID=68a95912-3915-4b1a-9080-eb2017330153 ONBOOT=yes NM_CONTROLLED=yes BOOTPROTO=none IPADDR=192.168.1.27 NETMASK=255.255.255.0 DNS2=8.8.4.4 GATEWAY=192.168.1.1 DNS1=8.8.8.8 IPV6INIT=no USERCTL=no
Here is eth1: DEVICE=eth1 HWADDR=00:0a:cd:17:07:7e TYPE=Ethernet UUID=b3851363-ae9e-4066-8993-caed07b9945b ONBOOT=no NM_CONTROLLED=yes BOOTPROTO=none IPADDR=10.0.254.11 NETMASK=255.255.255.0 GATEWAY=10.0.254.1 DNS1=8.8.8.8 DNS2=8.8.4.4 IPV6INIT=no USERCTL=no
I have never experienced this before.
Remove the GATEWAY line from eth1, unless you have another router (with its own access to the Internet) at 10.0.254.1. If eth0 points at your upstream, then this is unlikely.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On 4/16/2013 11:05 AM, Jason T. Slack-Moehrle wrote:
I do have another gateway at 10.0.254.1, it is a Linksys router that all the provate stuff plugs into, and that Linksys plugs directly into our modem.
multiple gateways is problematic. there should be only one default route to 0.0.0.0/0
so you have a pfSense firewall AND a linksys soho router both connected to the internet? sounds messy.
Hi John,
I do have another gateway at 10.0.254.1, it is a Linksys router that all
the provate stuff plugs into, and that Linksys plugs directly into our modem.
multiple gateways is problematic. there should be only one default route to 0.0.0.0/0
so you have a pfSense firewall AND a linksys soho router both connected to the internet? sounds messy.
Yes, indeed. We have a pfsense box with servers behind it connected to our modem as well as a router connected with private stuff behind it.
We do need to move the private stuff behind the pfsense box as well. It is on the list.
Jason
On Tue, Apr 16, 2013 at 2:34 PM, John R Pierce pierce@hogranch.com wrote:
On 4/16/2013 11:05 AM, Jason T. Slack-Moehrle wrote:
I do have another gateway at 10.0.254.1, it is a Linksys router that all the provate stuff plugs into, and that Linksys plugs directly into our modem.
multiple gateways is problematic. there should be only one default route to 0.0.0.0/0
Seconded -- multiple default gateways are definitely problematic.
You could set a metric on the second interface (eth1) prior to upping it so that the primary has priority. This doesn't completely remedy problematic situations though. Example: if eth0 is downed at the switch, but not downed on the host ... so the host will continue to try and use eth0. A situation in which serial remote management or physical vga/ip kvm access is helpful. ;)
Add "METRIC=30" to your ifcfg-eth1 file.
so you have a pfSense firewall AND a linksys soho router both connected to the internet? sounds messy.
-- john r pierce 37N 122W somewhere on the middle of the left coast
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Regards,
YB Tan Sri Dato' Sri Adli a.k.a Dell
my.linkedin.com/pub/yb-tan-sri-dato-sri-adli-a-k-a-dell/44/64b/464/ H/p number: (017) 362 3661
________________________________ From: SilverTip257 silvertip257@gmail.com To: CentOS mailing list centos@centos.org Sent: Thursday, April 18, 2013 12:28 AM Subject: Re: [CentOS] 2nd NIC troubles
On Tue, Apr 16, 2013 at 2:34 PM, John R Pierce pierce@hogranch.com wrote:
On 4/16/2013 11:05 AM, Jason T. Slack-Moehrle wrote:
I do have another gateway at 10.0.254.1, it is a Linksys router that all the provate stuff plugs into, and that Linksys plugs directly into our modem.
multiple gateways is problematic. there should be only one default route to 0.0.0.0/0
Seconded -- multiple default gateways are definitely problematic.
You could set a metric on the second interface (eth1) prior to upping it so that the primary has priority. This doesn't completely remedy problematic situations though. Example: if eth0 is downed at the switch, but not downed on the host ... so the host will continue to try and use eth0. A situation in which serial remote management or physical vga/ip kvm access is helpful. ;)
Add "METRIC=30" to your ifcfg-eth1 file.
so you have a pfSense firewall AND a linksys soho router both connected to the internet? sounds messy.
-- john r pierce 37N 122W somewhere on the middle of the left coast
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tue, Apr 16, 2013 at 1:05 PM, Jason T. Slack-Moehrle slackmoehrle@gmail.com wrote:
I do have another gateway at 10.0.254.1, it is a Linksys router that all the provate stuff plugs into, and that Linksys plugs directly into our modem.
You can only have one 'default' gateway. Keep the one pointed to the internet router. Make a file named /etc/sysconfig/network-scripts/route-eth1 to hold the route(s) handled by the other interface. Something like: 10.0.0.0/8 via 10.0.254.1 should work if you want the whole private class A space to go that way. The ifup/ifdown scripts will add/remove the routes matching the interfaces.
-- Les Mikesell lesmikesell@gmail.com
Hi Les,
I do have another gateway at 10.0.254.1, it is a Linksys router that all
the provate stuff plugs into, and that Linksys plugs directly into our modem.
You can only have one 'default' gateway. Keep the one pointed to the internet router. Make a file named /etc/sysconfig/network-scripts/route-eth1 to hold the route(s) handled by the other interface. Something like: 10.0.0.0/8 via 10.0.254.1 should work if you want the whole private class A space to go that way. The ifup/ifdown scripts will add/remove the routes matching the interfaces.
So this is a static route. I trued what you suggested and the eth1 interface stalls to come up. It just wont. All ssh sessions get disconnected and everything stops working
I did:
[root@meowbox network-scripts]# cat route-eth1 10.0.0.0/8 via 10.0.254.1
I found: http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-networkscripts-sta...
So I changed it to:
[root@meowbox network-scripts]# cat route-eth1 10.0.0.0/8 via 10.0.254.1 dev eth1
and commented out the GATEWAY= line in ifcfg-eht1 and the interface comes up.
Testing ssh and the websites, they seem to be fine.
Thank you for this lesson.
Jason
On Tue, Apr 16, 2013 at 2:26 PM, Jason T. Slack-Moehrle slackmoehrle@gmail.com wrote:
So this is a static route. I trued what you suggested and the eth1 interface stalls to come up. It just wont. All ssh sessions get disconnected and everything stops working
I did:
[root@meowbox network-scripts]# cat route-eth1 10.0.0.0/8 via 10.0.254.1
I found: http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-networkscripts-sta...
So I changed it to:
[root@meowbox network-scripts]# cat route-eth1 10.0.0.0/8 via 10.0.254.1 dev eth1
Interesting - I've never had to specify the device when it can be deduced from the interface IP and netmask. And I've never been able to make much sense out of the 'ip' man page either to tell what is actually required.
-- Les Mikesell lesmikesell@gmail.com
-
Jason T. Slack-Moehrle -
John R Pierce -
Les Mikesell -
Michael Mol -
SilverTip257 -
YB Tan Sri Dato Sri' Adli a.k.a Dell