2 Nics with 2 different Gateway

Issues related to configuring your network
acatao
Posts: 4
Joined: 2021/09/30 19:56:49

2 Nics with 2 different Gateway

Post by acatao » 2021/09/30 21:48:48

Hello !

I followed a lot of tutorials on the internet trying to make 2 nics with two different gateways on the same CentOS 7 box without success. I really appreciate if you can help me to find out the problem !!!

My NICs configuration are:

ens160
TYPE="Ethernet"
BOOTPROTO="none"
NAME="ens160"
DEVICE="ens160"
ONBOOT="yes"
IPADDR="172.16.15.21"
PREFIX="24"

ens192
TYPE="Ethernet"
BOOTPROTO="none"
NAME="ens192"
DEVICE="ens192"
ONBOOT="yes"
IPADDR="172.16.21.217"
PREFIX="24"

I create 2 files with rules for interfaces:
[root@test network-scripts]# cat rule-ens160
from 172.16.15.0/24 table rt1

[root@test network-scripts]# cat rule-ens192
from 172.16.21.0/24 table rt2

Also create 2 files with route for interfaces:
[root@test network-scripts]# cat route-ens160
default via 172.16.15.254 table rt1

[root@test network-scripts]# cat route-ens192
default via 172.16.21.254 table rt2

[root@test network-scripts]# ip rule show
0: from all lookup local
32764: from 172.16.21.0/24 lookup rt2
32765: from 172.16.15.0/24 lookup rt1
32766: from all lookup main
32767: from all lookup default

[root@test network-scripts]# ip route show table rt1
default via 172.16.15.254 dev ens160

[root@test network-scripts]# ip route show table rt2
default via 172.16.21.254 dev ens192

[root@test ~]# ping -I ens160 8.8.8.8
PING 8.8.8.8 (8.8.8.8) from 172.16.15.21 ens160: 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

[root@test ~]# ping -I ens192 8.8.8.8
PING 8.8.8.8 (8.8.8.8) from 172.16.21.217 ens192: 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

To validate the network outside from CentOS 7 box I shut down ens192 and did all network configuration on ens160 file. Then the ping works good, same to ens160.

Can you guys give me some light what I'm doing wrong or what I didn`t ?

Thank you so much in advanced !!!

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: 2 Nics with 2 different Gateway

Post by jlehtone » 2021/10/01 09:27:40

Do you have NetworkManager.service in use (which is, by default) or network.service?
If you do have NM, do you have package NetworkManager-dispatcher-routing-rules?

acatao
Posts: 4
Joined: 2021/09/30 19:56:49

Re: 2 Nics with 2 different Gateway

Post by acatao » 2021/10/01 12:40:33

Hello I'm using NetworkManager.

Code: Select all

[root@test network-scripts]# systemctl status NetworkManager.service -l
● NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2021-10-01 09:32:39 -03; 2min 58s ago
     Docs: man:NetworkManager(8)
 Main PID: 691 (NetworkManager)
   CGroup: /system.slice/NetworkManager.service
           └─691 /usr/sbin/NetworkManager --no-daemon

Oct 01 09:32:40 test NetworkManager[691]: <info>  [1633091560.2363] device (ens192): Activation: successful, device activated.
Oct 01 09:32:40 test NetworkManager[691]: <info>  [1633091560.2399] device (ens160): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed')
Oct 01 09:32:40 test NetworkManager[691]: <info>  [1633091560.2407] device (ens160): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed')
Oct 01 09:32:40 test NetworkManager[691]: <info>  [1633091560.2421] manager: NetworkManager state is now CONNECTED_LOCAL
Oct 01 09:32:40 test NetworkManager[691]: <info>  [1633091560.2706] device (ens160): Activation: successful, device activated.
Oct 01 09:32:40 test NetworkManager[691]: <info>  [1633091560.2723] manager: startup complete
Oct 01 09:32:40 test NetworkManager[691]: <warn>  [1633091560.9038] ifcfg-rh:     'rule-' file is present; you will need to use a dispatcher script to apply these routes
Oct 01 09:32:40 test NetworkManager[691]: <warn>  [1633091560.9065] ifcfg-rh:     'rule-' file is present; you will need to use a dispatcher script to apply these routes
Oct 01 09:32:41 test NetworkManager[691]: <warn>  [1633091561.6095] ifcfg-rh:     'rule-' file is present; you will need to use a dispatcher script to apply these routes
Oct 01 09:32:41 test NetworkManager[691]: <warn>  [1633091561.8213] ifcfg-rh:     'rule-' file is present; you will need to use a dispatcher script to apply these routes
[root@test network-scripts]#
I have NetworkManager-dispatcher-routing-rules installed

Code: Select all

[root@test network-scripts]# yum install NetworkManager-dispatcher-routing-rules
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.nbtelecom.com.br
 * extras: mirror.nbtelecom.com.br
 * updates: mirror.nbtelecom.com.br
Package 1:NetworkManager-dispatcher-routing-rules-1.18.8-2.el7_9.noarch already installed and latest version
Nothing to do
Thank you for helping me.

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: 2 Nics with 2 different Gateway

Post by jlehtone » 2021/10/01 13:15:51

What do you get with plain ip ro show?
It could be that the main table is still used for something.

Furthermore, what is the route to link-local network? For example, how to send to 172.16.15.0/24? There is no route for that in rt1.

Oh, wait, your rules ... "from 172.16.15.0/24 lookup rt1", shouldn't it be from me, e.g. "from 172.16.15.21 lookup rt1"?

acatao
Posts: 4
Joined: 2021/09/30 19:56:49

Re: 2 Nics with 2 different Gateway

Post by acatao » 2021/10/01 13:41:38

I'm not sure If I did the right changes but:

cat rule-ens192
from 172.16.21.217 table rt2
to 172.16.21.217 table rt2

cat rule-ens160
from 172.16.15.21 table rt1
to 172.16.15.21 table rt1

ip ro show
172.16.15.0/24 dev ens160 proto kernel scope link src 172.16.15.21 metric 100
172.16.21.0/24 dev ens192 proto kernel scope link src 172.16.21.217 metric 101

ip rule show
0: from all lookup local
32762: from all to 172.16.15.21 lookup rt1
32763: from all to 172.16.21.217 lookup rt2
32764: from 172.16.15.21 lookup rt1
32765: from 172.16.21.217 lookup rt2
32766: from all lookup main
32767: from all lookup default

Still the same problem ! Any idea ?

Just to add CentOS version is:

cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: 2 Nics with 2 different Gateway

Post by jlehtone » 2021/10/02 20:00:16

acatao wrote:
2021/10/01 13:41:38
to 172.16.21.217 table rt2
to 172.16.15.21 table rt1
These two make no sense.

I would have something like:

Code: Select all

rule-ens160
from 172.16.15.21 table rt1 priority 32764

route-ens160
172.16.15.0/24 dev ens160 table rt1
default via 172.16.15.254 table rt1
and similar for ens192.

acatao
Posts: 4
Joined: 2021/09/30 19:56:49

Re: 2 Nics with 2 different Gateway

Post by acatao » 2021/10/04 12:02:07

Hello !

It starts working after I changed these parameters:

Code: Select all

vi /etc/sysctl.conf
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.all.rp_filter = 2
net.ipv4.ip_forward = 1

for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 0 >| $f ; done
And set the table like this:

Code: Select all

[root@test ~]# ip rule show
0:      from all lookup local
32764:  from all oif ens192 lookup test
32765:  from all iif ens192 lookup test
32766:  from all lookup main
32767:  from all lookup default

Code: Select all

[root@test ~]# ip route show table test
default via 172.16.21.254 dev ens192
Thank you for helping me.

vijaydsk
Posts: 5
Joined: 2020/03/05 12:16:35

Re: 2 Nics with 2 different Gateway

Post by vijaydsk » 2023/04/10 08:30:57

Hello Experts,
Can you please share the configuration for my reference.
Incidentally, I had to have 2Nic's with 2 different gateways..
Followed this message, but couldn't acheived.
Can you please post the entire steps to achieve the same

vijaydsk
Posts: 5
Joined: 2020/03/05 12:16:35

Re: 2 Nics with 2 different Gateway

Post by vijaydsk » 2023/04/10 10:11:17

Hello experts,
Tried and the configuration is as follows...

cat ifcfg-em1
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
#DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=em1
UUID=5fc974a5-ed12-4bc2-a136-687aa27487d2
DEVICE=em1
ONBOOT=yes
IPADDR=10.70.1.63
PREFIX=24
IPV6_PRIVACY=no
GATEWAY=10.70.1.1
DNS1=10.70.1.9
DNS2=10.70.1.10

cat ifcfg-p3p1
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=p3p1
UUID=346ccb67-886a-472c-a133-62c6e41af815
DEVICE=p3p1
ONBOOT=yes
IPV6_PRIVACY=no
IPADDR=10.22.55.42
NETMASK=255.255.255.252
PREFIX=30
#DEFROUTE=yes

cat rule-em1
from 10.70.1.63 table rt1 priority 32764

cat rule-p3p1
from 10.22.55.42 table rt2 priority 32765

cat route-em1
10.70.1.0/24 dev em1 table rt1
default via 10.70.1.1 table rt1

cat route-p3p1
10.22.55.40/30 dev p3p1 table rt2
default via 10.22.55.41 table rt2

ip rule sh
0: from all lookup local
32764: from 10.70.1.63 lookup rt1
32765: from 10.22.55.42 lookup rt2
32766: from all lookup main
32767: from all lookup default


vi /etc/sysctl.conf
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.all.rp_filter = 2
net.ipv4.ip_forward = 1

cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)

for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 0 >| $f ; done

still am unable to configure.
Your advice is highly appreciated.

vijaydsk
Posts: 5
Joined: 2020/03/05 12:16:35

Re: 2 Nics with 2 different Gateway

Post by vijaydsk » 2023/04/11 04:06:52

Experts,
please help

Post Reply