confused routes with multiple nics - Networking

This is a discussion on confused routes with multiple nics - Networking ; I've got 2 NICs I'm not able to reach my dns servers on eth0 unless I disable eth1. Obviously, my routes are incorrect but my medeling with them has caused more problems than not. Here is my setup: eth0 ip ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: confused routes with multiple nics

  1. confused routes with multiple nics

    I've got 2 NICs I'm not able to reach my dns servers on eth0 unless I
    disable eth1. Obviously, my routes are incorrect but my medeling with
    them has caused more problems than not. Here is my setup:

    eth0
    ip 129.200.32.46
    subnet 255.255.255.192
    gateway 129.200.32.1
    dns 129.200.101.3
    dns 129.172.51.4

    eth1
    ip 10.0.0.211
    subnet 255.255.255.0
    gateway 10.0.0.1
    no dns

    I can ping hosts with 10.0.0.2xx IPs and hosts with 129.200.32.xxx IPs
    but I cannot ping the DNS server IPs. When I do it tells me its using
    the 10.0.0.211 interface(eth1). Any suggestions on how I should setup
    my routes?


  2. Re: confused routes with multiple nics

    kevincw01 wrote:
    > I've got 2 NICs I'm not able to reach my dns servers on eth0 unless I
    > disable eth1. Obviously, my routes are incorrect but my medeling with
    > them has caused more problems than not. Here is my setup:
    >
    > eth0
    > ip 129.200.32.46
    > subnet 255.255.255.192
    > gateway 129.200.32.1
    > dns 129.200.101.3
    > dns 129.172.51.4
    >
    > eth1
    > ip 10.0.0.211
    > subnet 255.255.255.0
    > gateway 10.0.0.1
    > no dns
    >
    > I can ping hosts with 10.0.0.2xx IPs and hosts with 129.200.32.xxx IPs
    > but I cannot ping the DNS server IPs. When I do it tells me its using
    > the 10.0.0.211 interface(eth1). Any suggestions on how I should setup
    > my routes?
    >

    You have two gateways to the rest of the internet; you should only have one!

    Robert

  3. Re: confused routes with multiple nics

    On Aug 6, 2:16 pm, Robert Harris
    wrote:
    > kevincw01 wrote:
    > > I've got 2 NICs I'm not able to reach my dns servers on eth0 unless I
    > > disable eth1. Obviously, my routes are incorrect but my medeling with
    > > them has caused more problems than not. Here is my setup:

    >
    > > eth0
    > > ip 129.200.32.46
    > > subnet 255.255.255.192
    > > gateway 129.200.32.1
    > > dns 129.200.101.3
    > > dns 129.172.51.4

    >
    > > eth1
    > > ip 10.0.0.211
    > > subnet 255.255.255.0
    > > gateway 10.0.0.1
    > > no dns

    >
    > > I can ping hosts with 10.0.0.2xx IPs and hosts with 129.200.32.xxx IPs
    > > but I cannot ping the DNS server IPs. When I do it tells me its using
    > > the 10.0.0.211 interface(eth1). Any suggestions on how I should setup
    > > my routes?

    >
    > You have two gateways to the rest of the internet; you should only have one!
    >
    > Robert


    So, you're saying I should remove the gateway for eth1?


  4. Re: confused routes with multiple nics

    On Mon, 06 Aug 2007, in the Usenet newsgroup comp.os.linux.networking, in
    article <1186431068.366880.28230@i13g2000prf.googlegroups.c om>, kevincw01 wrote:

    >I've got 2 NICs I'm not able to reach my dns servers on eth0 unless I
    >disable eth1. Obviously, my routes are incorrect but my medeling with
    >them has caused more problems than not. Here is my setup:


    Ow, no indication of what distribution and release.

    >eth0
    >ip 129.200.32.46
    >subnet 255.255.255.192
    >gateway 129.200.32.1
    >dns 129.200.101.3
    >dns 129.172.51.4
    >eth1
    >ip 10.0.0.211
    >subnet 255.255.255.0
    >gateway 10.0.0.1
    >no dns


    One definite, one possible problem

    >I can ping hosts with 10.0.0.2xx IPs and hosts with 129.200.32.xxx IPs
    >but I cannot ping the DNS server IPs. When I do it tells me its using
    >the 10.0.0.211 interface(eth1).


    Where does the 10.0.0.1 gateway lead? I'd bet it does not lead to the
    Internet, much less the 129.200.0.0/16 area, so it's almost certainly
    wrong. The "normal" routing table for this box should look something
    like

    /sbin/route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    129.200.32.0 0.0.0.0 255.255.255.192 U 0 0 929 eth0
    10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 1450 eth1
    127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 388 lo
    0.0.0.0 129.200.32.1 0.0.0.0 UG 0 0 79 eth0

    Perhaps that 10.0.0.1 gateway leads to other subnets in the 10.0.0.0/8
    range, and ONLY in that case should there be an entry for it, like
    10.0.0.0 10.0.0.1 255.0.0.0 U 0 0 21 eth1

    What you have done is mis-use the word "gateway". While the more simple
    meaning of the word is "that host that leads elsewhere" - virtually all
    Linux distributions (and the crappy "helper" tools provided by the various
    distributions) make the _assumption_ that if you declare a gateway, it
    MUST lead to the _world_ which is not always the case, and pretty uncommon
    when there are multiple ways off of the local wire.

    Read the routing table (above) like this:

    There is a route to 129.200.32.0 - 129.200.32.63, and these hosts are
    DIRECTLY attached to eth0. Because these hosts are directly attached, no
    gateway is needed to reach them. There is a route to 10.0.0.0 - 10.0.0.255,
    and these hosts are DIRECTLY attached to eth1. Again, no gateway is needed
    to reach these hosts. There is a route to the loopback (120.0.0.0/8). IF
    NONE OF THE ABOVE ROUTES LEAD WHERE YOU WANT TO GO, SEND THE PACKETS TO
    129.200.32.1. This last sentence defines a "default" route (meaning if
    nothing else works, use this). Now if you think about it, you can't have
    two defaults in this scenario because you never NEED (much less 'see') the
    second default - because the "first" one says "use me!!!".

    >Any suggestions on how I should setup my routes?


    Loose the second default route - OR set it up so that the kernel knows
    where it _does_ lead to (which is obviously not "everywhere").

    There are circumstances where two (or more) default routes may need to
    exist. This is not one of those cases. For details on them, see the
    Adv-Routing-HOWTO which should be on your system.

    Above, I mentioned a "possible" problem. The DNS servers have to know about
    all hosts you intend to talk to that are NOT included in /etc/hosts (or an
    NIS file if using that). The kernel believes the first answer it receives
    from a name resolver - and that includes the NXDOMAIN (does not exist in
    _my_ records) response from DNS. Talk to your network administrator if
    there are hostnames on the 10.0.0.0/24 network that the 129.x.x.x servers
    don't know about. For what it's worth, we using internal name servers for
    internal hosts (servers not reachable from the world) and these know how
    to resolve external addresses as well. Internal hostnames are not visible
    outside.

    Old guy

  5. Re: confused routes with multiple nics

    On Aug 6, 5:18 pm, ibupro...@painkiller.example.tld (Moe Trin) wrote:
    > One definite, one possible problem
    >
    > >I can ping hosts with 10.0.0.2xx IPs and hosts with 129.200.32.xxx IPs
    > >but I cannot ping the DNS server IPs. When I do it tells me its using
    > >the 10.0.0.211 interface(eth1).

    >
    > Where does the 10.0.0.1 gateway lead? I'd bet it does not lead to the
    > Internet, much less the 129.200.0.0/16 area, so it's almost certainly
    > wrong. The "normal" routing table for this box should look something
    > like
    >
    > /sbin/route -n
    > Kernel IP routing table
    > Destination Gateway Genmask Flags Metric Ref Use Iface
    > 129.200.32.0 0.0.0.0 255.255.255.192 U 0 0 929 eth0
    > 10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 1450 eth1
    > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 388 lo
    > 0.0.0.0 129.200.32.1 0.0.0.0 UG 0 0 79 eth0
    >
    > Perhaps that 10.0.0.1 gateway leads to other subnets in the 10.0.0.0/8
    > range, and ONLY in that case should there be an entry for it, like
    > 10.0.0.0 10.0.0.1 255.0.0.0 U 0 0 21 eth1
    >
    > What you have done is mis-use the word "gateway". While the more simple
    > meaning of the word is "that host that leads elsewhere" - virtually all
    > Linux distributions (and the crappy "helper" tools provided by the various
    > distributions) make the _assumption_ that if you declare a gateway, it
    > MUST lead to the _world_ which is not always the case, and pretty uncommon
    > when there are multiple ways off of the local wire.
    >
    > Read the routing table (above) like this:
    >
    > There is a route to 129.200.32.0 - 129.200.32.63, and these hosts are
    > DIRECTLY attached to eth0. Because these hosts are directly attached, no
    > gateway is needed to reach them. There is a route to 10.0.0.0 - 10.0.0.255,
    > and these hosts are DIRECTLY attached to eth1. Again, no gateway is needed
    > to reach these hosts. There is a route to the loopback (120.0.0.0/8). IF
    > NONE OF THE ABOVE ROUTES LEAD WHERE YOU WANT TO GO, SEND THE PACKETS TO
    > 129.200.32.1. This last sentence defines a "default" route (meaning if
    > nothing else works, use this). Now if you think about it, you can't have
    > two defaults in this scenario because you never NEED (much less 'see') the
    > second default - because the "first" one says "use me!!!".
    >
    > >Any suggestions on how I should setup my routes?

    >
    > Loose the second default route - OR set it up so that the kernel knows
    > where it _does_ lead to (which is obviously not "everywhere").
    >
    > There are circumstances where two (or more) default routes may need to
    > exist. This is not one of those cases. For details on them, see the
    > Adv-Routing-HOWTO which should be on your system.
    >
    > Above, I mentioned a "possible" problem. The DNS servers have to know about
    > all hosts you intend to talk to that are NOT included in /etc/hosts (or an
    > NIS file if using that). The kernel believes the first answer it receives
    > from a name resolver - and that includes the NXDOMAIN (does not exist in
    > _my_ records) response from DNS. Talk to your network administrator if
    > there are hostnames on the 10.0.0.0/24 network that the 129.x.x.x servers
    > don't know about. For what it's worth, we using internal name servers for
    > internal hosts (servers not reachable from the world) and these know how
    > to resolve external addresses as well. Internal hostnames are not visible
    > outside.


    You sir, are awesome. Your explanation was eloquent and descriptive
    and I got the point immediately. I have also fixed the problem based
    on your feedback. I now understand the meaning of a gateway in this
    context. The 10.x.x.x gateway did not lead to the internet and
    really, i had no use for it since all the hosts on that network are on
    the same switch as eth1.

    -Kevin


  6. Re: confused routes with multiple nics

    On Tue, 07 Aug 2007, in the Usenet newsgroup comp.os.linux.networking, in
    article <1186447768.117715.35420@q3g2000prf.googlegroups.co m>, kevincw01 wrote:

    >(Moe Trin) wrote:


    >> What you have done is mis-use the word "gateway". While the more simple
    >> meaning of the word is "that host that leads elsewhere" - virtually all
    >> Linux distributions (and the crappy "helper" tools provided by the
    >> various distributions) make the _assumption_ that if you declare a
    >> gateway, it MUST lead to the _world_ which is not always the case, and
    >> pretty uncommon when there are multiple ways off of the local wire.


    >You sir, are awesome. Your explanation was eloquent and descriptive
    >and I got the point immediately. I have also fixed the problem based
    >on your feedback. I now understand the meaning of a gateway in this
    >context.


    Glad to hear it! This problem is seen a few times a month, fostered by
    the misunderstanding caused by the way windoze shows routing tables with
    the 'route print' command (which shows a "gateway" for every route
    including the loopback), and an overly helpful Linux routing setup that
    accepts a second (or more) default route, and _replaces_ the function of
    the existing route (under the impression that you changed your mind).

    >The 10.x.x.x gateway did not lead to the internet and really, i had no
    >use for it since all the hosts on that network are on the same switch
    >as eth1.


    Sounds like a helpful tool that was overly helpful. Glad it's working

    Old guy


  7. Re: confused routes with multiple nics

    On Mon, 06 Aug 2007 22:04:38 -0000 kevincw01 wrote:
    | On Aug 6, 2:16 pm, Robert Harris
    | wrote:
    |> kevincw01 wrote:
    |> > I've got 2 NICs I'm not able to reach my dns servers on eth0 unless I
    |> > disable eth1. Obviously, my routes are incorrect but my medeling with
    |> > them has caused more problems than not. Here is my setup:
    |>
    |> > eth0
    |> > ip 129.200.32.46
    |> > subnet 255.255.255.192
    |> > gateway 129.200.32.1
    |> > dns 129.200.101.3
    |> > dns 129.172.51.4
    |>
    |> > eth1
    |> > ip 10.0.0.211
    |> > subnet 255.255.255.0
    |> > gateway 10.0.0.1
    |> > no dns
    |>
    |> > I can ping hosts with 10.0.0.2xx IPs and hosts with 129.200.32.xxx IPs
    |> > but I cannot ping the DNS server IPs. When I do it tells me its using
    |> > the 10.0.0.211 interface(eth1). Any suggestions on how I should setup
    |> > my routes?
    |>
    |> You have two gateways to the rest of the internet; you should only have one!
    |>
    |> Robert
    |
    | So, you're saying I should remove the gateway for eth1?

    Out which interface do you want the packets destined for the internet to go?

    --
    |---------------------------------------/----------------------------------|
    | Phil Howard KA9WGN (ka9wgn.ham.org) / Do not send to the address below |
    | first name lower case at ipal.net / spamtrap-2007-08-07-2247@ipal.net |
    |------------------------------------/-------------------------------------|

+ Reply to Thread