[SOLVED] Replies always answers on secondary IP

Issues related to configuring your network
Post Reply
D0xEA
Posts: 4
Joined: 2020/05/12 17:36:12

[SOLVED] Replies always answers on secondary IP

Post by D0xEA » 2020/05/21 02:04:30

Hello,

I have a server with 2 public IPs.

eth0 - x.x.x.x
eth0:0 - y.y.y.y

The default gateway is set on eth0.

$ip route
default via g.g.g.g dev eth0 proto dhcp metric 100
g.g.g.g dev eth0 proto dhcp scope link metric 100
x.x.x.x dev eth0 proto kernel scope link src x.x.x.x metric 100
y.y.y.y dev eth0 proto kernel scope link src y.y.y.y metric 100

When I
curl ifconfig.me
it always replies as if it was my secondary IP (y.y.y.y) sending the request.

How can I have it reply on eth0 and not et0:0

Hope this makes sense. Any help is appreciated.

Thanks.
Last edited by D0xEA on 2020/06/11 14:04:13, edited 1 time in total.

User avatar
jlehtone
Posts: 3099
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Replies always answers on secondary IP

Post by jlehtone » 2020/05/21 09:44:54

First, IP aliases (device:0) are obsolete. See https://www.kernel.org/doc/html/latest/ ... alias.html

It is quite trivial to add multiple addresses to connection with NM:

Code: Select all

# assuming connection "eth0" already has address x.x.x.x/z
nmcli con mod eth0 +ipv4.addresses y.y.y.y/w
The default gateway is set on eth0.
Default is not "set on something". A machine has only one default route and it will talk with that router by any means necessary.


Overall, two addresses on same subnet is asking for trouble. Doable, but not trivial. Probably requires policy-based routing.
x.x.x.x dev eth0 proto kernel scope link src x.x.x.x metric 100
y.y.y.y dev eth0 proto kernel scope link src y.y.y.y metric 100
That looks like gibberish. Hopefully a result of obfuscation.

D0xEA
Posts: 4
Joined: 2020/05/12 17:36:12

Re: Replies always answers on secondary IP

Post by D0xEA » 2020/05/26 00:02:55

Thank you for your reply. The goal I am trying to achieve is to have a failover IP that only gets involved when the primary IP is not responding.

IPs are public on a different subnet.
Primary IP is set to DHCP
Secondary is static

I have assigned a secondary IP to the interface using nmcli, and the same behavior occurs. For some reason it seems to prefer sending traffic through the static interface.

I was thinking of using static routes or pre-up.d, but I have yet to read the manual.

Ideas are welcomed. Thanks!

User avatar
jlehtone
Posts: 3099
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Replies always answers on secondary IP

Post by jlehtone » 2020/05/26 06:31:50

Each route has "metric", priority. That can be adjusted.
D0xEA wrote:
2020/05/26 00:02:55
The goal I am trying to achieve is to have a failover IP that only gets involved when the primary IP is not responding.

IPs are public on a different subnet.
If that cable is cut, no IP of your machine will respond.
If the physical NIC eth0 breaks, no IP of your machine will respond.
If the kernel in you machine freezes, no IP of your machine will respond and no failover will happen.

Two different public subnets on same physical cable/network, untagged?
I don't say that that cannot exists, but I do find that very suspicious. VLAN, VxLAN, i.e. "tagged trunk" would be more believable.


One subnet that has more than one routers, but only one IP address on your machine. Just more complex default route. Not sure if NM supports the "nexthop" syntax.

Two separate physical interfaces connected to two different uplinks (say broadband and 4G). That is where failover route exists.

D0xEA
Posts: 4
Joined: 2020/05/12 17:36:12

Re: Replies always answers on secondary IP

Post by D0xEA » 2020/06/10 21:14:26

Hello again,

Thanks for your reply. This is a cloud VM on OVH. We have customers who don't give us access to their DNS so we are trying to work around it. Can this be switched around? I still don't understand why eth0:0 becomes the source IP.

This is eth0:0
IP4.ADDRESS[1]: 194.52.185.153/32

This is eth0
IP4.ADDRESS[2]: 14.3.131.140/32

[root@host NetworkManager]# nmcli device show
GENERAL.DEVICE: eth0
GENERAL.TYPE: ethernet
GENERAL.HWADDR: FA:16:3E:2C:CF:CE
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: System eth0
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/4
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 194.52.185.153/32
IP4.ADDRESS[2]: 14.3.131.140/32
IP4.GATEWAY: 14.3.131.1
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 54.39.176.1, mt = 100
IP4.ROUTE[2]: dst = 194.52.185.153/32, nh = 0.0.0.0, mt = 100
IP4.ROUTE[3]: dst = 14.3.131.140/32, nh = 0.0.0.0, mt = 100
IP4.ROUTE[4]: dst = 14.3.131.140/32, nh = 0.0.0.0, mt = 100
IP4.DNS[1]: 213.186.33.99
IP4.DOMAIN[1]: openstacklocal

GENERAL.DEVICE: lo
GENERAL.TYPE: loopback
GENERAL.HWADDR: 00:00:00:00:00:00
GENERAL.MTU: 65536
GENERAL.STATE: 10 (unmanaged)
GENERAL.CONNECTION: --
GENERAL.CON-PATH: --
IP4.ADDRESS[1]: 127.0.0.1/8
IP4.GATEWAY: --
IP6.ADDRESS[1]: ::1/128
IP6.GATEWAY: --
Last edited by D0xEA on 2020/06/11 14:02:55, edited 1 time in total.

D0xEA
Posts: 4
Joined: 2020/05/12 17:36:12

Re: Replies always answers on secondary IP

Post by D0xEA » 2020/06/11 13:59:41

Sorted my issue

# nmcli con mod eth0 ipv4.addresses "{{IP}}, {{IPFAILOVER}}"
# systemctl restart network

Thank you all who tried to help out.

Post Reply

Return to “CentOS 7 - Networking Support”