I'm adding the default gateway to the route through "route add default gw 10.10.10.10" which is also shown in "route -n" but the problem is that as soon as I restart the network through /etc/init.d/network restart; the route sets to default one...! SO, my question is there any way to save the modified route permanently by hardcoding the changes?
Thanks.
On Tue, 19 Aug 2008, ABBAS KHAN wrote:
I'm adding the default gateway to the route through "route add default gw 10.10.10.10" which is also shown in "route -n" but the problem is that as soon as I restart the network through /etc/init.d/network restart; the route sets to default one...! SO, my question is there any way to save the modified route permanently by hardcoding the changes?
There are several ways, actually.
System-config-network is one way, or if like me you prefer to edit the config files by hand you can edit the files in /etc/sysconfig/network-scripts/ifcfg-eth* or the file /etc/sysconfig/network. There needs to be a GATEWAY= line in one of those files. If you have an existing GATEWAY line modify it to taste. If you have no default gateway I would suggest putting it in /etc/sysconfig/ifcfg-eth?. Where the ? corresponds to the interface that points to the gateway.
Hope this helps.
Regards,
Thats the config file, I was looking for. Thanks Tom. Worked like a charm :)
On Tue, Aug 19, 2008 at 6:48 AM, Tom Diehl tdiehl@rogueind.com wrote:
On Tue, 19 Aug 2008, ABBAS KHAN wrote:
I'm adding the default gateway to the route through "route add default gw
10.10.10.10" which is also shown in "route -n" but the problem is that as soon as I restart the network through /etc/init.d/network restart; the route sets to default one...! SO, my question is there any way to save the modified route permanently by hardcoding the changes?
There are several ways, actually.
System-config-network is one way, or if like me you prefer to edit the config files by hand you can edit the files in /etc/sysconfig/network-scripts/ifcfg-eth* or the file /etc/sysconfig/network. There needs to be a GATEWAY= line in one of those files. If you have an existing GATEWAY line modify it to taste. If you have no default gateway I would suggest putting it in /etc/sysconfig/ifcfg-eth?. Where the ? corresponds to the interface that points to the gateway.
Hope this helps.
Regards,
-- Tom Diehl tdiehl@rogueind.com Spamtrap address mtd123@rogueind.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
IIANM, you can also use /etc/sysconfig/network-scripts/route-eth*, no?
Take a look at /etc/sysconfig/network-scripts/ifup-routes script.
-Bob
Thanks Bob for the additional tip :)
On Tue, Aug 19, 2008 at 9:28 AM, Bob Beers bob.beers@gmail.com wrote:
IIANM, you can also use /etc/sysconfig/network-scripts/route-eth*, no?
Take a look at /etc/sysconfig/network-scripts/ifup-routes script.
-Bob _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tue, Aug 19, 2008 at 11:32 AM, ABBAS KHAN bashukhan@gmail.com wrote:
Thanks Bob for the additional tip :)
On Tue, Aug 19, 2008 at 9:28 AM, Bob Beers bob.beers@gmail.com wrote:
IIANM, you can also use /etc/sysconfig/network-scripts/route-eth*, no?
Take a look at /etc/sysconfig/network-scripts/ifup-routes script.
-Bob _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
How many NICs? SELinux?
When you have SELinux, two NICs each that would use two different gateways, system-config-network is worthless whether using the GUI or text based one. The route will not stay permanent. ifup would not process either route.ethX nor ethX.route - at least not enough for it to show in route. Had to set the routes in /etc/rc.local. Of course, you can't set two default gateways, but you can add two routes via something like the following:
route add -net 0.0.0.0 netmask 0.0.0.0 gw a.b.c.d dev eth0 route add -net 0.0.0.0 netmask 0.0.0.0 gw w.x.y.z dev eth1
Currently, only one NIC wifi0. AFAIK, /etc/rc.local will only be executed once after other init scripts. And this reverts the changes to default after restarting the network.
Thanks.
On Tue, Aug 19, 2008 at 10:22 PM, Rob Townley rob.townley@gmail.com wrote:
On Tue, Aug 19, 2008 at 11:32 AM, ABBAS KHAN bashukhan@gmail.com wrote:
Thanks Bob for the additional tip :)
On Tue, Aug 19, 2008 at 9:28 AM, Bob Beers bob.beers@gmail.com wrote:
IIANM, you can also use /etc/sysconfig/network-scripts/route-eth*, no?
Take a look at /etc/sysconfig/network-scripts/ifup-routes script.
-Bob _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
How many NICs? SELinux?
When you have SELinux, two NICs each that would use two different gateways, system-config-network is worthless whether using the GUI or text based one. The route will not stay permanent. ifup would not process either route.ethX nor ethX.route - at least not enough for it to show in route. Had to set the routes in /etc/rc.local. Of course, you can't set two default gateways, but you can add two routes via something like the following:
route add -net 0.0.0.0 netmask 0.0.0.0 gw a.b.c.d dev eth0 route add -net 0.0.0.0 netmask 0.0.0.0 gw w.x.y.z dev eth1
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi,
On Wed, Aug 20, 2008 at 01:22, Rob Townley rob.townley@gmail.com wrote:
two NICs each that would use two different gateways,
If you are configuring default gateways on each interface, you are probably doing something wrong.
The only reason why you would want to do that is to balance your outgoing traffic between the two NICs, and this is better accomplished with bonding interfaces.
ifup would not process either route.ethX nor ethX.route
- at least not enough for it to show in route. Had to set
the routes in /etc/rc.local.
I fail to see why SELinux would make any difference on that. Can you describe your issue better? What is the configuration you tried to set up, and why didn't it work? What version of CentOS are you using, 4 or 5? What is in /var/log/messages and /var/log/audit/audit.log when you try to bring the interface up?
Regards, Filipe
On Wed, Aug 20, 2008 at 7:52 AM, Filipe Brandenburger filbranden@gmail.comwrote:
Hi,
On Wed, Aug 20, 2008 at 01:22, Rob Townley rob.townley@gmail.com wrote:
two NICs each that would use two different gateways,
If you are configuring default gateways on each interface, you are probably doing something wrong.
The only reason why you would want to do that is to balance your outgoing traffic between the two NICs, and this is better accomplished with bonding interfaces.
Bonding would defeat my purpose for this. My registrar requires two dns servers on two different IP addresses, but i only wanted to use one machine for now. The machine has two NICs that connect out through the same cable modem. One behind a soho firewall, one direct.
ifup would not process either route.ethX nor ethX.route
- at least not enough for it to show in route. Had to set
the routes in /etc/rc.local.
I fail to see why SELinux would make any difference on that. Can you describe your issue better? What is the configuration you tried to set up, and why didn't it work? What version of CentOS are you using, 4 or 5? What is in /var/log/messages and /var/log/audit/audit.log when you try to bring the interface up?
The interfaces would come up, the point was that that system-config-network would not keep the static information for the two NICs after a reboot. So when the machine was rebooted, some part of IP, SM, GW, NS disappeared or reverted back to DHCP even though it was explicitly set to static. I was using CentOS 5.0 / 5.1 when i had most problems. No entries would have appeared in the logs. I modified ifup-route to add logging to it directly and believe it was never called. Maybe i will have to upgrade the machine so i can run both the TUI and GUI more and monitor all files changed by both. Further, i turned off NetworkManager to get much further in keeping static ip setup.
Couldn't tell you much about why seLinux may have caused problems except that maybe there were mdac labels on files that broke some part of system-config-network keeping static routes and dns servers. I just remember that uninstalling seLinux got me much much further on a different machine when it came to static settings for multiple NICs. Much Further.
Regards, Filipe _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
You can place the statement in /etc/sysconfg/static-routes.
This file will be used when the network starts up.
_____
From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of ABBAS KHAN Sent: Tuesday, August 19, 2008 9:38 AM To: CentOS mailing list Subject: [CentOS] Is there a way to save the routing table permanently?
I'm adding the default gateway to the route through "route add default gw 10.10.10.10" which is also shown in "route -n" but the problem is that as soon as I restart the network through /etc/init.d/network restart; the route sets to default one...! SO, my question is there any way to save the modified route permanently by hardcoding the changes?
Thanks.
Are you sure this is actually processed? Do you have a working example for CentOS 4.x or 5.x? One that works with two NICS that would use two different gateways to the internet? I would like nothing more to get this to work in a streamlined fashion.
i didn't have success with the /etc/sysconfig/static-routes file, but maybe i didn't specify the routes using the correct syntax?
This web page recommends a complete rewrite of the /etc/sysconfig/network-scripts/ifup-routes script! http://www.akadia.com/services/redhat_static_routes.html
On Fri, Aug 22, 2008 at 7:58 AM, Stephen Moccio smoccio@ureach.com wrote:
You can place the statement in /etc/sysconfg/static-routes.
This file will be used when the network starts up.
*From:* centos-bounces@centos.org [mailto:centos-bounces@centos.org] *On Behalf Of *ABBAS KHAN *Sent:* Tuesday, August 19, 2008 9:38 AM *To:* CentOS mailing list *Subject:* [CentOS] Is there a way to save the routing table permanently?
I'm adding the default gateway to the route through "route add default gw 10.10.10.10" which is also shown in "route -n" but the problem is that as soon as I restart the network through /etc/init.d/network restart; the route sets to default one...! SO, my question is there any way to save the modified route permanently by hardcoding the changes?
Thanks.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Rob Townley wrote:
Are you sure this is actually processed? Do you have a working example for CentOS 4.x or 5.x? One that works with two NICS that would use two different gateways to the internet? I would like nothing more to get this to work in a streamlined fashion.
Two default gateways in linux do not work as one might expect. You need to do fancy stuff with the iproute2 command.
The static-routes file works fine for, static routes. Multiple gateways is more complex then just telling the system you have them, the system by default will use the first one available.
This article looks informative, though I've never done multiple gateways on linux before, I always do one gateway, to a real router(or layer 3 switch) and then do the routing from there.
http://www.linuxjournal.com/article/7291
nate
Rob Townley napsal(a):
Are you sure this is actually processed? Do you have a working example for CentOS 4.x or 5.x? One that works with two NICS that would use two different gateways to the internet? I would like nothing more to get this to work in a streamlined fashion.
i didn't have success with the /etc/sysconfig/static-routes file, but maybe i didn't specify the routes using the correct syntax?
Well, I use on one of my routers in /etc/sysconfig/static-routes: any net 192.168.36.0 netmask 255.255.255.0 gw 192.168.38.254 any net 192.168.37.0 netmask 255.255.255.0 gw 192.168.38.253
Running C4.6, route: [root@arakis ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 212.47.23.188 0.0.0.0 255.255.255.252 U 0 0 0 eth0 192.168.38.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.36.0 192.168.38.254 255.255.255.0 UG 0 0 0 eth1 192.168.37.0 192.168.38.253 255.255.255.0 UG 0 0 0 eth1 0.0.0.0 212.47.23.189 0.0.0.0 UG 0 0 0 eth0
David Hrbáč
on 8-22-2008 7:01 AM David Hrbáč spake the following:
Rob Townley napsal(a):
Are you sure this is actually processed? Do you have a working example for CentOS 4.x or 5.x? One that works with two NICS that would use two different gateways to the internet? I would like nothing more to get this to work in a streamlined fashion.
i didn't have success with the /etc/sysconfig/static-routes file, but maybe i didn't specify the routes using the correct syntax?
Well, I use on one of my routers in /etc/sysconfig/static-routes: any net 192.168.36.0 netmask 255.255.255.0 gw 192.168.38.254 any net 192.168.37.0 netmask 255.255.255.0 gw 192.168.38.253
Running C4.6, route: [root@arakis ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 212.47.23.188 0.0.0.0 255.255.255.252 U 0 0 0 eth0 192.168.38.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.36.0 192.168.38.254 255.255.255.0 UG 0 0 0 eth1 192.168.37.0 192.168.38.253 255.255.255.0 UG 0 0 0 eth1 0.0.0.0 212.47.23.189 0.0.0.0 UG 0 0 0 eth0
David Hrbáč
Static routes work fine, but having 2 default routes will not be easy in linux. You can't be sure that packets can find there way back to their origin. Yours seems to work for you, but I bet it is because the packets are luckily getting back. It usually fails miserably.
Scott Silva wrote:
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 212.47.23.188 0.0.0.0 255.255.255.252 U 0 0 0 eth0 192.168.38.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.36.0 192.168.38.254 255.255.255.0 UG 0 0 0 eth1 192.168.37.0 192.168.38.253 255.255.255.0 UG 0 0 0 eth1 0.0.0.0 212.47.23.189 0.0.0.0 UG 0 0 0 eth0
[..]
Yours seems to work for you, but I bet it is because the packets are luckily getting back. It usually fails miserably.
Except it's not :) the previous poster only has 1 default gateway as indicated by the routing table above.
nate
on 8-22-2008 10:01 AM nate spake the following:
Scott Silva wrote:
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 212.47.23.188 0.0.0.0 255.255.255.252 U 0 0 0 eth0 192.168.38.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.36.0 192.168.38.254 255.255.255.0 UG 0 0 0 eth1 192.168.37.0 192.168.38.253 255.255.255.0 UG 0 0 0 eth1 0.0.0.0 212.47.23.189 0.0.0.0 UG 0 0 0 eth0
[..]
Yours seems to work for you, but I bet it is because the packets are luckily getting back. It usually fails miserably.
Except it's not :) the previous poster only has 1 default gateway as indicated by the routing table above.
nate
That is what I get for a half-a$$ed read and a quick response.
Scott Silva wrote:
Destination Gateway Genmask Flags Metric Ref Use Iface 212.47.23.188 0.0.0.0 255.255.255.252 U 0 0 0 eth0 192.168.38.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.36.0 192.168.38.254 255.255.255.0 UG 0 0 0 eth1 192.168.37.0 192.168.38.253 255.255.255.0 UG 0 0 0 eth1 0.0.0.0 212.47.23.189 0.0.0.0 UG 0 0 0 eth0
David Hrbáč
Static routes work fine, but having 2 default routes will not be easy in linux. You can't be sure that packets can find there way back to their origin. Yours seems to work for you, but I bet it is because the packets are luckily getting back. It usually fails miserably.
thats not two DEFAULT routes, thats simply routes to various specific networks via gateways on the eth1 network.
and, yes, having two routes to destination 0.0.0.0 will rarely do what you want. it will, however, create all kinda messes.
Hasn't this been hashed over several times in the past year to the same end result?
:-)
It appeared to me the original issue (this time) was being able to do primary and secondary dns on one box with different ip addresses because the registrar needed two different ip addresses when registering a domain.
If you must do it at home and you cannot get this solution to work as you expect, get a routed subnet on one side.
or
...better yet, since both links appear to be residential, ask a buddy with a colo for for access and make it the primary dns and pull secondary on your residential, or get a VPS server or two, or something else...
Unless it is a pure don't care if down sometimes hobby, having primary and secondary dns on last mile residential links, regardless of budget or your reliability perceptions, is not particularly wise.
- rh
RobertH wrote:
Hasn't this been hashed over several times in the past year to the same end result?
I think so..
It appeared to me the original issue (this time) was being able to do primary and secondary dns on one box with different ip addresses because the registrar needed two different ip addresses when registering a domain.
In which case you can get two(or more) IPs from the same ISP..
...better yet, since both links appear to be residential, ask a buddy with a colo for for access and make it the primary dns and pull secondary on your residential, or get a VPS server or two, or something else...
Unless it is a pure don't care if down sometimes hobby, having primary and secondary dns on last mile residential links, regardless of budget or your reliability perceptions, is not particularly wise.
I've been hosting my own DNS/web/mail on my home DSL (1Mbps, 4 static IPs) for about 7 years now, though I'm moving to a co-lo early next month. My ISP was bought out again(3rd time..), and the new ISP says they'll be changing my IPs later this year, so save myself some trouble and make the jump to a local co-lo, and reduce power usage in my apartment, and reduce noise, and reduce the amount of pain involved in moving to a new location(co-ordinating minimal downtime), and save about $40/mo (current 1Mbps DSL+ISP vs 1Mbps co-lo and 16Mbps cable modem).
I will miss it though, the flexibility of having static IPs and stuff at home to be able to mess with stuff, not as much flexibility being restricted to 1 rack unit of space at a local co-lo(short of virtualization which I'm doing). Though I haven't really done anything creative with it in several years.
My two name servers are right next to each other on the same subnet, behind the same firewall, on the same physical server(two systems are virtualized). But my availability requirements aren't as high as say the company I work for who has four F5 global traffic managers split between the West and East coasts of the U.S., each on a different ISP(our internal goal is 5 nines of availability), and several hundred servers serving data.
nate
On Fri, Aug 22, 2008 at 12:12 PM, RobertH roberth@abbacomm.net wrote:
Hasn't this been hashed over several times in the past year to the same end result?
:-)
It appeared to me the original issue (this time) was being able to do primary and secondary dns on one box with different ip addresses because the registrar needed two different ip addresses when registering a domain.
Actually, the original issue was system-config-network not keeping static IP information (IP, SM, NS, GW) or at least not throwing a warning. I guess i made it digress.
If you must do it at home and you cannot get this solution to work as you expect, get a routed subnet on one side.
i can think of many meanings for a "routed subnet" - is it something you buy from your ISP?
or
...better yet, since both links appear to be residential, ask a buddy with a colo for for access and make it the primary dns and pull secondary on your residential, or get a VPS server or two, or something else...
Actually, it is commercial cable and doable by other systems, so i am not giving up. i am going to start with studying "ip rules" as opposed to "ip routes". When the same IP configuration is on a laptop connected to both wireless and Cat5 wired behind two different firewalls, they do not have this problem. Granted, these usually use dynamic connections and are not providing critical services, but it works. Why not for static configurations and why doesn't system-config-network at least throw an warning.
Unless it is a pure don't care if down sometimes hobby, having primary and secondary dns on last mile residential links, regardless of budget or your reliability perceptions, is not particularly wise.
- rh
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
ABBAS KHAN wrote:
I'm adding the default gateway to the route through "route add default gw 10.10.10.10 http://10.10.10.10" which is also shown in "route -n" but the problem is that as soon as I restart the network through /etc/init.d/network restart; the route sets to default one...! SO, my question is there any way to save the modified route permanently by hardcoding the changes?
It would be very nice if the init.d script would allow the sysadmin to do something like "service network saveroutes". I always thought that would be a neat feature.
It should probably go into Red Hat's bugzilla before it gets implemented.
Florin Andrei wrote:
ABBAS KHAN wrote:
I'm adding the default gateway to the route through "route add default gw 10.10.10.10 http://10.10.10.10" which is also shown in "route -n" but the problem is that as soon as I restart the network through /etc/init.d/network restart; the route sets to default one...! SO, my question is there any way to save the modified route permanently by hardcoding the changes?
It would be very nice if the init.d script would allow the sysadmin to do something like "service network saveroutes". I always thought that would be a neat feature.
Routes only work when you can reach the next hop. That is, if you try to add a route through an interface that is not up, the command will fail and the route will not be added. If you want a route to be added when an interface comes up, there is already a place to do that. However, as others have pointed out you shouldn't expect multiple concurrent default routes to do something useful - but if you have multiple interfaces you can configure them both to add default routes and bring only one up at a time.
Les Mikesell wrote:
Florin Andrei wrote:
It would be very nice if the init.d script would allow the sysadmin to do something like "service network saveroutes". I always thought that would be a neat feature.
Routes only work when you can reach the next hop. That is, if you try to add a route through an interface that is not up, the command will fail and the route will not be added. If you want a route to be added when an interface comes up, there is already a place to do that. However, as others have pointed out you shouldn't expect multiple concurrent default routes to do something useful - but if you have multiple interfaces you can configure them both to add default routes and bring only one up at a time.
I wasn't thinking that far. I was just considering the fairly common situation when you add a few static routes manually, to fix routing problems, and you realize that's the configuration you want to keep. And then it would be nice if the init.d script would just freeze the current static routes for you.
On Fri, Aug 22, 2008 at 12:44 PM, Les Mikesell lesmikesell@gmail.comwrote:
Florin Andrei wrote:
ABBAS KHAN wrote:
I'm adding the default gateway to the route through "route add default gw 10.10.10.10 http://10.10.10.10" which is also shown in "route -n" but the problem is that as soon as I restart the network through /etc/init.d/network restart; the route sets to default one...! SO, my question is there any way to save the modified route permanently by hardcoding the changes?
It would be very nice if the init.d script would allow the sysadmin to do something like "service network saveroutes". I always thought that would be a neat feature.
Routes only work when you can reach the next hop. That is, if you try to add a route through an interface that is not up, the command will fail and the route will not be added. If you want a route to be added when an interface comes up, there is already a place to do that. However, as others have pointed out you shouldn't expect multiple concurrent default routes to do something useful - but if you have multiple interfaces you can configure them both to add default routes and bring only one up at a time.
-- Les Mikesell lesmikesell@gmail.com
;Are you suggesting the following? ;assume eth1 is a better ISP than eth0 ifdown eth0 ifup eth1 ISP on eth1 goes down automagically detect down ISP on eth1, so ifdown eth1 ifup eth0 automagically detect ISP back up on eth1, so ifdown eth0 again ;That isn't gonna fly.
Looks like nate pointed out the right journal article and looks very promising. Will let you know how it goes.
"Source-based routing capabilities are common on high end networking gear, but they rarely are seen or utilized in server environments. Linux has excellent but poorly understood source-based routing support. The whole universe of advanced Linux routing and traffic shaping is well described at lartc.org."
ip rules and ip route priority are key.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Rob Townley wrote:
Routes only work when you can reach the next hop. That is, if you try to add a route through an interface that is not up, the command will fail and the route will not be added. If you want a route to be added when an interface comes up, there is already a place to do that. However, as others have pointed out you shouldn't expect multiple concurrent default routes to do something useful - but if you have multiple interfaces you can configure them both to add default routes and bring only one up at a time.;Are you suggesting the following? ;assume eth1 is a better ISP than eth0 ifdown eth0 ifup eth1 ISP on eth1 goes down automagically detect down ISP on eth1, so ifdown eth1 ifup eth0 automagically detect ISP back up on eth1, so ifdown eth0 again ;That isn't gonna fly.
The 'right' way to use multiple ISP's is to configure BGP routing with all of them so you learn the best routes to any destination. However that is non-trivial to set up and maintain and requires a large block of public IP addresses.
I haven't read the whole thread here - what problem are you trying to solve?
-
ABBAS KHAN -
Bob Beers -
David Hrbáč -
Filipe Brandenburger -
Florin Andrei -
John R Pierce -
Les Mikesell -
nate -
Rob Townley -
RobertH -
Scott Silva -
Stephen Moccio -
Tom Diehl