Neil Aggarwal
2008-Aug-04  17:00 UTC
[CentOS] Outbound connections not using primary eth0 IP
Hello:

I have a machine running CentOS 5.2. I added two IP addresses to eth0 by copying /etc/sysconfig/network-scripts/ifcfg-eth0 to

    /etc/sysconfig/network-scripts/ifcfg-eth0:0
    /etc/sysconfig/network-scripts/ifcfg-eth0:1

and changing the relevant IP info.

I am now seeing outbound connections failing at my firewall from services like NTP, etc. since they are now using a source address from one of the added IP addresses instead of the original eth0 IP which is allowed through the firewall.

I don't want to have to keep maintaining 3 copies of each firewall rule to accommodate the new IP addresses.

Is there a way to tell the machine to use the eth0 IP address as the source address for connections?

Here is the original ifcfg-eth0 file:

    # nVidia Corporation MCP55 Ethernet
    DEVICE=eth0
    BOOTPROTO=none
    BROADCAST=206.123.70.63
    HWADDR=00:30:48:7A:B4:FE
    IPADDR=206.123.70.50
    NETMASK=255.255.255.240
    NETWORK=206.123.70.48
    ONBOOT=yes
    GATEWAY=206.123.70.49
    TYPE=Ethernet

Here is ifcfg-eth0:0

    # nVidia Corporation MCP55 Ethernet
    DEVICE=eth0:0
    BOOTPROTO=none
    BROADCAST=72.249.130.47
    HWADDR=00:30:48:7A:B4:FE
    IPADDR=72.249.130.42
    NETMASK=255.255.255.248
    NETWORK=72.249.130.40
    ONBOOT=yes
    GATEWAY=72.249.130.41
    TYPE=Ethernet

Here is ifcfg-eth0:1

    # nVidia Corporation MCP55 Ethernet
    DEVICE=eth0:0
    BOOTPROTO=none
    BROADCAST=72.249.130.47
    HWADDR=00:30:48:7A:B4:FE
    IPADDR=72.249.130.43
    NETMASK=255.255.255.248
    NETWORK=72.249.130.40
    ONBOOT=yes
    GATEWAY=72.249.130.41
    TYPE=Ethernet

Any ideas why this is happening?

Thanks,
Neil

--
Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com
Eliminate junk email and reclaim your inbox.
Visit http://www.spammilter.com for details.

Filipe Brandenburger
2008-Aug-04  17:12 UTC
[CentOS] Outbound connections not using primary eth0 IP
On Mon, Aug 4, 2008 at 13:00, Neil Aggarwal <neil at jammconsulting.com> wrote:
> Any ideas why this is happening?

Because you have two different default gateways. In that case, Linux will "rotate" between them, using one or the other for each outgoing packet.

If you want all your outgoing traffic to go through one gateway only (from what you write, that is probably what you want), only remove the GATEWAY= line from the :0 and :1 files and restart the network with "service network restart".

HTH,
Filipe

Neil Aggarwal wrote:
> Any ideas why this is happening?

Try looking at this?

http://www.clintoneast.com/articles/multihomed.php

In general I try to make sure my systems only have 1 default gateway, makes life a lot easier. Leave the multi homing to the routers (or my preference layer 3 switches).

nate
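
Added example, not part of the thread or written by any of its posters: a shell check for the condition the replies point to, counting the distinct GATEWAY= values set across ifcfg-* files and listing the alias files (names containing ':') that set their own. The function names and the demo files are constructed for illustration; the demo reuses the addresses quoted in the thread.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the CentOS ifcfg-* file layout.

# Print "<file> <gateway>" for every ifcfg-* file in DIR that sets GATEWAY=.
gateways_in_dir() {
    for f in "$1"/ifcfg-*; do
        [ -f "$f" ] || continue
        # Last uncommented assignment wins; strip quotes, blanks and CRs.
        gw=$(sed -n 's/^[[:space:]]*GATEWAY=//p' "$f" | tail -n 1 | tr -d "\"' \r")
        if [ -n "$gw" ]; then
            printf '%s %s\n' "${f##*/}" "$gw"
        fi
    done
}

# Number of distinct gateway addresses configured under DIR.
count_distinct_gateways() {
    gateways_in_dir "$1" | awk '{print $2}' | sort -u | wc -l | tr -d ' '
}

# Alias files (name contains ':') that carry their own GATEWAY= line.
alias_files_with_gateway() {
    gateways_in_dir "$1" | awk '$1 ~ /:/ {print $1}'
}

# Demo on constructed files that reuse the addresses quoted in the thread.
demo() {
    d=$(mktemp -d) || return 1
    printf 'IPADDR=206.123.70.50\nGATEWAY=206.123.70.49\n' > "$d/ifcfg-eth0"
    printf 'IPADDR=72.249.130.42\nGATEWAY=72.249.130.41\n' > "$d/ifcfg-eth0:0"
    printf 'IPADDR=72.249.130.43\nGATEWAY=72.249.130.41\n' > "$d/ifcfg-eth0:1"
    echo "distinct gateways: $(count_distinct_gateways "$d")"
    echo "alias files setting GATEWAY=:"
    alias_files_with_gateway "$d"
    rm -rf "$d"
}

demo
```

On a real host, point the functions at /etc/sysconfig/network-scripts; a count above 1 means more than one default gateway is being configured at network start.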