I am unable to ping NE.TW.RKB.IP1 from an outside network. Other machines which do not have access or routes for NET.WOR.KA.0 respond just fine. How do I get it to respond on both NET.WOR.KA.0 and NE.TW.RKB.0 given all default traffic should go through NET.WOR.KA.1 unless it is in reply to traffic from NE.TW.RKB.1 or there is an outage. [root at host20 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface NET.WOR.KA.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 NE.TW.RKB.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 NET.WOR.KA.1 0.0.0.0 UG 0 0 0 eth1 0.0.0.0 NE.TW.RKB.1 0.0.0.0 UG 20 0 0 eth0 [root at host20 ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:17:31:0F:04:AE inet addr:NE.TW.RKB.IP1 Bcast:NE.TW.RKB.255 Mask:255.255.255.0 eth0:pn Link encap:Ethernet HWaddr 00:17:31:0F:04:AE inet addr:192.168.1.20 Bcast:192.168.1.255 Mask:255.255.255.0 eth1 Link encap:Ethernet HWaddr 00:01:03:E9:42:D0 inet addr:NET.WOR.KA.IP2 Bcast:NET.WOR.KA.255 Mask:255.255.255.0 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 TIA -jason -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Sr. Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, purge the message from your system and notify the sender immediately. Any other use of the email by you is prohibited.
Jason Pyeron wrote:> > I am unable to ping NE.TW.RKB.IP1 from an outside network. > Other machines > which do not have access or routes for NET.WOR.KA.0 respond just fine. > > How do I get it to respond on both NET.WOR.KA.0 and > NE.TW.RKB.0 given all > default traffic should go through NET.WOR.KA.1 unless it is > in reply to > traffic from NE.TW.RKB.1 or there is an outage. > > [root at host20 ~]# route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric > Ref Use > Iface > NET.WOR.KA.0 0.0.0.0 255.255.255.0 U 0 > 0 0 eth1 > 192.168.1.0 0.0.0.0 255.255.255.0 U 0 > 0 0 eth0 > NE.TW.RKB.0 0.0.0.0 255.255.255.0 U 0 > 0 0 eth0 > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 > 0 0 eth1 > 0.0.0.0 NET.WOR.KA.1 0.0.0.0 UG 0 > 0 0 eth1 > 0.0.0.0 NE.TW.RKB.1 0.0.0.0 UG 20 > 0 0 eth0 > > [root at host20 ~]# ifconfig > eth0 Link encap:Ethernet HWaddr 00:17:31:0F:04:AE > inet addr:NE.TW.RKB.IP1 Bcast:NE.TW.RKB.255 > Mask:255.255.255.0 > eth0:pn Link encap:Ethernet HWaddr 00:17:31:0F:04:AE > inet addr:192.168.1.20 Bcast:192.168.1.255 > Mask:255.255.255.0 > eth1 Link encap:Ethernet HWaddr 00:01:03:E9:42:D0 > inet addr:NET.WOR.KA.IP2 Bcast:NET.WOR.KA.255 > Mask:255.255.255.0 > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 >You can have only 1 default route. You can use RIP or some other routing protocol to advertise defualt routes to the host from the gateways based upon route availability or weight, or you can deploy reverse NAT'ing on the gateways so external IPs will be masqueraded as the internal IP of the gateway and thus be routed to the appropriate gateway based on which IP they arrived on. -Ross ______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
Sorry for the top post. The default route is the route applied when no other route matches the destination IP. From that how would you figure out which default route to pick, only if the routes were weighted could you pick between two. If you had two routes with equal weight and the traffic went round robin between them then the originating host will discard half the returning traffic because it's not coming from the same ip it sent it to. No your best bet is probably to do reverse NAT'ing as it is simple to setup and you don't have to worry about default routes and weight. Traffic initiates on 1 gateway and sticks with it for the duration of the session. You can use BGP on the gateways outside interface to load balance or fail-over the default gateway or use round-robin DNS, MX records for mail, etc. -Ross ----- Original Message ----- From: centos-bounces at centos.org <centos-bounces at centos.org> To: centos at centos.org <centos at centos.org> Sent: Tue Jan 29 18:03:13 2008 Subject: [CentOS] Re: Network routes on 1/29/2008 2:53 PM Jason Pyeron spake the following:> > >> -----Original Message----- >> From: centos-bounces at centos.org >> [mailto:centos-bounces at centos.org] On Behalf Of Ross S. W. Walker >> Sent: Tuesday, January 29, 2008 17:38 >> To: CentOS mailing list >> Subject: RE: [CentOS] Network routes >> >> Jason Pyeron wrote: >>> I am unable to ping NE.TW.RKB.IP1 from an outside network. >>> Other machines >>> which do not have access or routes for NET.WOR.KA.0 respond >> just fine. >>> How do I get it to respond on both NET.WOR.KA.0 and >>> NE.TW.RKB.0 given all >>> default traffic should go through NET.WOR.KA.1 unless it is >>> in reply to >>> traffic from NE.TW.RKB.1 or there is an outage. >>> >>> [root at host20 ~]# route -n >>> Kernel IP routing table >>> Destination Gateway Genmask Flags Metric >>> Ref Use >>> Iface >>> NET.WOR.KA.0 0.0.0.0 255.255.255.0 U 0 >>> 0 0 eth1 >>> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 >>> 0 0 eth0 >>> NE.TW.RKB.0 0.0.0.0 255.255.255.0 U 0 >>> 0 0 eth0 >>> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 >>> 0 0 eth1 >>> 0.0.0.0 NET.WOR.KA.1 0.0.0.0 UG 0 >>> 0 0 eth1 >>> 0.0.0.0 NE.TW.RKB.1 0.0.0.0 UG 20 >>> 0 0 eth0 >>> >>> [root at host20 ~]# ifconfig >>> eth0 Link encap:Ethernet HWaddr 00:17:31:0F:04:AE >>> inet addr:NE.TW.RKB.IP1 Bcast:NE.TW.RKB.255 >>> Mask:255.255.255.0 >>> eth0:pn Link encap:Ethernet HWaddr 00:17:31:0F:04:AE >>> inet addr:192.168.1.20 Bcast:192.168.1.255 >>> Mask:255.255.255.0 >>> eth1 Link encap:Ethernet HWaddr 00:01:03:E9:42:D0 >>> inet addr:NET.WOR.KA.IP2 Bcast:NET.WOR.KA.255 >>> Mask:255.255.255.0 >>> lo Link encap:Local Loopback >>> inet addr:127.0.0.1 Mask:255.0.0.0 >>> >> You can have only 1 default route. >> >> You can use RIP or some other routing protocol to >> advertise defualt routes to the host from the >> gateways based upon route availability or weight, >> or you can deploy reverse NAT'ing on the gateways >> so external IPs will be masqueraded as the >> internal IP of the gateway and thus be routed to >> the appropriate gateway based on which IP they >> arrived on. >> >> -Ross >> > > But I have 2 physical network cards, on 2 different networks. Should they > not both have default routes? >You would think so, but it will confuse the system so bad that traffic won't know where to go. The default route is the route that packets need to take to leave your network to enter the outside world. Every thing under your control should have static routes of some kind, or a routing daemon. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! ______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080129/74692069/attachment-0002.html>
Jason Pyeron wrote:> I am unable to ping NE.TW.RKB.IP1 from an outside network. Other machines > which do not have access or routes for NET.WOR.KA.0 respond just fine. > > How do I get it to respond on both NET.WOR.KA.0 and NE.TW.RKB.0 given all > default traffic should go through NET.WOR.KA.1 unless it is in reply to > traffic from NE.TW.KB.1 or there is an outage.You probably want to remove the default route through NE.TW.KB.1 and add routes for the specific networks that you can reach though it. Normally routing is done toward a destination network/address without regard to the route of a packet you might be replying to. As for an 'outage', how do you define/detect the outage? Normally if you want routes to be determined dynamically you would set up a routing protocol with the next-hop routers - or for simple failover the alternative gateway routers might be configured via hsrp or vrrp to have a floating IP address that the rest of the LAN uses as the default gateway address.> [root at host20 ~]# route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > NET.WOR.KA.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 > 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 > NE.TW.RKB.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 > 0.0.0.0 NET.WOR.KA.1 0.0.0.0 UG 0 0 0 eth1 > 0.0.0.0 NE.TW.RKB.1 0.0.0.0 UG 20 0 0 eth0 >-- Les Mikesell lesmikesell at gmail.com