====== Two default gateways on Linux ======
===== Two default gateways on CentOS =====
You have two or more network cards (interfaces) in one Linux system and each of these interfaces has its own default gateway. By default, you can only have one default gateway on a system.
We assume that we have two interfaces:
  * eth0
  * eth1
The two networks to be used are:
  * 192.168.1.0/24
  * 10.10.0.0/24
The first IP address in each network is its gateway. The config files for these interfaces are /etc/sysconfig/network-scripts/ifcfg-eth0 and ifcfg-eth1, and they look like this:
<code>
# cat /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME=eth0
UUID=7f164bfd-1ae4-4062-aadd-e2ea8bc0121e
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.1.5
PREFIX=24
GATEWAY=192.168.1.1
DNS1=8.8.8.8
DNS2=1.1.1.1
</code>
<code>
# cat /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
IPADDR=10.10.0.124
PREFIX=24
DNS1=8.8.8.8
DNS2=1.1.1.1
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
NAME=eth1
UUID=9320b706-e68e-3610-9fec-9988316bd478
DEVICE=eth1
ONBOOT=yes
GATEWAY=10.10.0.1
NETMASK=255.255.255.0
NM_CONTROLLED=yes
</code>
To use the second interface and its address, we need to add another routing table. To do this, open the file:
<code>
# vim /etc/iproute2/rt_tables
</code>
and add “1 rt2” at the end:
<code>
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
1 rt2
</code>
Now we need to add routing rules and routes:
<code>
# ip route add default via 10.10.0.1 dev eth1 table rt2
# ip rule add from 10.10.0.0/24 table rt2
</code>
You can check these changes with the commands:
<code>
# ip route show table rt2
# ip rule show
</code>
==== CentOS: Start custom script automatically after network startup ====
Find the ifup-post script under /etc/sysconfig/network-scripts. This script is called right after any network interface is brought up. Toward its end you will find the following code snippet.
<code>
if [ -x /sbin/ifup-local ]; then
    /sbin/ifup-local ${DEVICE}
fi
</code>
In the snippet above, if an ifup-local script exists in /sbin, it is executed with the interface name as its argument. Usually no such script exists, so to run a startup script automatically after a network interface comes up, create an executable script called ifup-local in /sbin and put in it any command or script you wish to run.
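Here is an example:
<code>
#!/bin/bash
# /sbin/ifup-local: called by ifup-post with the interface name as $1
if [[ "$1" == "eth0" ]]
then
    echo "this part will be executed right after eth0 is up."
    echo "so you can put any startup command for eth0 here"
else
    # do nothing for other interfaces (":" keeps the empty branch valid)
    :
fi
</code>
When the script is done, make it executable:
<code>
$ sudo chmod +x /sbin/ifup-local
</code>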
<code>
[root@localhost ~]# cat /sbin/ifup-local
#!/bin/sh
#ip route add default via 10.5.23.254 dev eth1 table rt2;
#ip rule add from 10.5.23.0/24 table rt2
ip route add 10.5.23.0/24 dev eth1 src 10.5.23.10 table rt2;
ip route add default via 10.5.23.254 dev eth1 table rt2;
ip rule add from 10.5.23.10/32 table rt2;
ip rule add to 10.5.23.10/32 table rt2
</code>
===== Two default gateways on Debian =====
==== Initial Position ====
We will assume that we have two interfaces: eth0 and eth1. The two networks that should be used are 192.168.0.0/24 and 10.10.0.0/24, whereby the first IP address in each respective network should be the gateway. Under Debian, the initial configuration in /etc/network/interfaces would appear as follows.
<code>
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
    address 192.168.0.10
    netmask 255.255.255.0
    gateway 192.168.0.1

# The secondary network interface
allow-hotplug eth1
iface eth1 inet static
    address 10.10.0.10
    netmask 255.255.255.0
</code>
==== Adding a Second Routing Table ====
To add a new routing table, the file /etc/iproute2/rt_tables must be edited. We will call the routing table “rt2” and assign it the number 1. The file should then appear as follows.
<code>
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
1 rt2
</code>
==== Configuring the New Routing Table ====
From this point, four commands are needed to achieve our goal. First, the new routing table needs to be populated, which is done using the following two commands.
<code>
ip route add 10.10.0.0/24 dev eth1 src 10.10.0.10 table rt2
ip route add default via 10.10.0.1 dev eth1 table rt2
</code>
The first command says that the network 10.10.0.0/24 can be reached through the eth1 interface. The second command sets the default gateway.
==== Routing Rules ====
So that the system knows when to use our new routing table, two rules must be configured.
<code>
ip rule add from 10.10.0.10/32 table rt2
ip rule add to 10.10.0.10/32 table rt2
</code>
These rules say that both traffic from the IP address 10.10.0.10 and traffic directed to or through this IP address should use the rt2 routing table.
==== Making the Configuration Permanent ====
The ip rule and ip route commands are lost after a reboot, so they should become part of a script (for example, /etc/rc.local) that is executed once the network has been started after booting. For Debian, these commands can also be written directly into the /etc/network/interfaces file, which would then appear as follows.
<code>
iface eth1 inet static
    address 10.10.0.10
    netmask 255.255.255.0
    post-up ip route add 10.10.0.0/24 dev eth1 src 10.10.0.10 table rt2
    post-up ip route add default via 10.10.0.1 dev eth1 table rt2
    post-up ip rule add from 10.10.0.10/32 table rt2
    post-up ip rule add to 10.10.0.10/32 table rt2
</code>
==== More than Two Network Cards or Gateways ====
If there are more than two networks, a routing table can be created for each additional network analogous to the example presented above.
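As an added example (not part of the original page), the shell functions below print the rt_tables entry and the four ip commands for any interface, computing the network address from the interface address and prefix. The names net_of and policy_cmds and the eth2 values (172.16.0.10/24, gateway 172.16.0.1, table "2 rt3") are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: print the per-interface
# policy-routing commands in the same form as the rt2 example above.

# net_of ADDRESS PREFIX -> network address (10.10.0.10 24 -> 10.10.0.0)
net_of() {
    case $2 in ''|*[!0-9]*) return 1;; esac
    [ "$2" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $1 "$2"            # split the dotted quad: $1..$4, prefix in $5
    IFS=$old_ifs
    [ $# -eq 5 ] || return 1
    ip=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
    mask=$(( (4294967295 << (32 - $5)) & 4294967295 ))
    n=$(( ip & mask ))
    echo "$(( (n >> 24) & 255 )).$(( (n >> 16) & 255 )).$(( (n >> 8) & 255 )).$(( n & 255 ))"
}

# policy_cmds DEV ADDRESS PREFIX GATEWAY TABLE_ID TABLE_NAME
# Prints the rt_tables line (as a comment) and the four ip commands.
policy_cmds() {
    dev=$1 addr=$2 prefix=$3 gw=$4 id=$5 table=$6
    # 0, 253, 254 and 255 are the reserved entries already in rt_tables.
    case $id in
        0|253|254|255) echo "table id $id is reserved" >&2; return 1;;
    esac
    net=$(net_of "$addr" "$prefix") || return 1
    # The gateway has to sit in the interface's own network.
    [ "$(net_of "$gw" "$prefix")" = "$net" ] || {
        echo "gateway $gw is not inside $net/$prefix" >&2
        return 1
    }
    echo "# /etc/iproute2/rt_tables: $id $table"
    echo "ip route add $net/$prefix dev $dev src $addr table $table"
    echo "ip route add default via $gw dev $dev table $table"
    echo "ip rule add from $addr/32 table $table"
    echo "ip rule add to $addr/32 table $table"
}

# Values from this page, then a constructed third interface (eth2, rt3).
policy_cmds eth1 10.10.0.10 24 10.10.0.1 1 rt2
policy_cmds eth2 172.16.0.10 24 172.16.0.1 2 rt3
```

The functions only print the commands, so the output can be reviewed before it is pasted into a post-up block or an ifup-local script.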
==== Testing the Configuration ====
The following commands can be used to ensure that the rules as well as the routing entries are working as expected.
<code>
ip route list table rt2
ip rule show
</code>