CentOS - Aug 2016 - Gateway question

Hi

There is a Centos 7 up-to-date box with 2 interfaces, let's say 
192.168.1.12 - enp2s0, 192.168.1.13 on enp3s0. Default gateway on enp2s0.

The gateway is pfsense, IP is 192.168.1.1 with 2 WAN connections

On the gateway the outgoing traffic is routed by source ip to different 
WAN, 192.168.1.12 to WAN1 and 192.168.1.13 to WAN2

On the centos box are set all the route and routing rules:

route-enp2s0:
192.168.1.0/24 dev enp2s0 src 192.168.1.12 table t2
default via 192.168.1.1 dev enp2s0 table t2

route-enp3s0:
192.168.1.0/24 dev enp3s0 src 192.168.1.13 table t3
default via 192.168.1.1 dev enp3s0 table t3

rule-enp2s0:
from 192.168.1.12/32 table t2
to 192.168.1.12/32 table t2

rule-enp3s0:
from 192.168.1.13/32 table t3
to 192.168.1.13/32 table t3


All work when I add
#route add default gw 192.168.1.1 dev enp3s0

And that way I have :

# ip route show
default via 192.168.1.1 dev enp3s0
default via 192.168.1.1 dev enp2s0
169.254.0.0/16 dev enp2s0  scope link  metric 1002
169.254.0.0/16 dev enp3s0  scope link  metric 1003
192.168.1.0/24 dev enp2s0  proto kernel  scope link  src 192.168.1.12
192.168.1.0/24 dev enp3s0  proto kernel  scope link  src 192.168.1.13

But how can I add achieve this only with ip route command ... without route?
Can I add this in any config files (ex: route-enp2s0)?



Thanks

-- 
            Levi

Hi,

You can define your default gateway in "/etc/sysconfig/network" file,

GATEWAY="192.168.1.1"

After that, restart network services.

# systemctl restart network


--Regards
Ashishkumar S. Yadav

On Mon, Aug 8, 2016 at 4:35 PM, Levente Birta <blevi.linux at gmail.com>
wrote:
> Hi
>
> There is a Centos 7 up-to-date box with 2 interfaces, let's say
> 192.168.1.12 - enp2s0, 192.168.1.13 on enp3s0. Default gateway on enp2s0.
>
> The gateway is pfsense, IP is 192.168.1.1 with 2 WAN connections
>
> On the gateway the outgoing traffic is routed by source ip to different
> WAN, 192.168.1.12 to WAN1 and 192.168.1.13 to WAN2
>
> On the centos box are set all the route and routing rules:
>
> route-enp2s0:
> 192.168.1.0/24 dev enp2s0 src 192.168.1.12 table t2
> default via 192.168.1.1 dev enp2s0 table t2
>
> route-enp3s0:
> 192.168.1.0/24 dev enp3s0 src 192.168.1.13 table t3
> default via 192.168.1.1 dev enp3s0 table t3
>
> rule-enp2s0:
> from 192.168.1.12/32 table t2
> to 192.168.1.12/32 table t2
>
> rule-enp3s0:
> from 192.168.1.13/32 table t3
> to 192.168.1.13/32 table t3
>
>
> All work when I add
> #route add default gw 192.168.1.1 dev enp3s0
>
> And that way I have :
>
> # ip route show
> default via 192.168.1.1 dev enp3s0
> default via 192.168.1.1 dev enp2s0
> 169.254.0.0/16 dev enp2s0  scope link  metric 1002
> 169.254.0.0/16 dev enp3s0  scope link  metric 1003
> 192.168.1.0/24 dev enp2s0  proto kernel  scope link  src 192.168.1.12
> 192.168.1.0/24 dev enp3s0  proto kernel  scope link  src 192.168.1.13
>
> But how can I add achieve this only with ip route command ... without
> route?
> Can I add this in any config files (ex: route-enp2s0)?
>
>
>
> Thanks
>
> --
>            Levi
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>

On 08/08/2016 14:22, Ashish Yadav wrote:
> Hi,
>
> You can define your default gateway in "/etc/sysconfig/network"
file,
>
> GATEWAY="192.168.1.1"
>
> After that, restart network services.
>
> # systemctl restart network
>
>
It's defined .... and it is in routing table ... the only thing added is:
#route add default gw 192.168.1.1 dev enp3s0

Basically I have 2 default gateways or, if you wish, the same gateway is 
defined as default but on different interface

# ip route show
 >> default via 192.168.1.1 dev enp3s0
 >> default via 192.168.1.1 dev enp2s0
 >> 169.254.0.0/16 dev enp2s0  scope link  metric 1002
 >> 169.254.0.0/16 dev enp3s0  scope link  metric 1003
 >> 192.168.1.0/24 dev enp2s0  proto kernel  scope link  src 192.168.1.12
 >> 192.168.1.0/24 dev enp3s0  proto kernel  scope link  src 192.168.1.13


> --Regards
> Ashishkumar S. Yadav
>
> On Mon, Aug 8, 2016 at 4:35 PM, Levente Birta <blevi.linux at
gmail.com> wrote:
>
>> Hi
>>
>> There is a Centos 7 up-to-date box with 2 interfaces, let's say
>> 192.168.1.12 - enp2s0, 192.168.1.13 on enp3s0. Default gateway on
enp2s0.
>>
>> The gateway is pfsense, IP is 192.168.1.1 with 2 WAN connections
>>
>> On the gateway the outgoing traffic is routed by source ip to different
>> WAN, 192.168.1.12 to WAN1 and 192.168.1.13 to WAN2
>>
>> On the centos box are set all the route and routing rules:
>>
>> route-enp2s0:
>> 192.168.1.0/24 dev enp2s0 src 192.168.1.12 table t2
>> default via 192.168.1.1 dev enp2s0 table t2
>>
>> route-enp3s0:
>> 192.168.1.0/24 dev enp3s0 src 192.168.1.13 table t3
>> default via 192.168.1.1 dev enp3s0 table t3
>>
>> rule-enp2s0:
>> from 192.168.1.12/32 table t2
>> to 192.168.1.12/32 table t2
>>
>> rule-enp3s0:
>> from 192.168.1.13/32 table t3
>> to 192.168.1.13/32 table t3
>>
>>
>> All work when I add
>> #route add default gw 192.168.1.1 dev enp3s0
>>
>> And that way I have :
>>
>> # ip route show
>> default via 192.168.1.1 dev enp3s0
>> default via 192.168.1.1 dev enp2s0
>> 169.254.0.0/16 dev enp2s0  scope link  metric 1002
>> 169.254.0.0/16 dev enp3s0  scope link  metric 1003
>> 192.168.1.0/24 dev enp2s0  proto kernel  scope link  src 192.168.1.12
>> 192.168.1.0/24 dev enp3s0  proto kernel  scope link  src 192.168.1.13
>>
>> But how can I add achieve this only with ip route command ... without
>> route?
>> Can I add this in any config files (ex: route-enp2s0)?
>>
>>
>>
>> Thanks
>>
>> --
>>            Levi
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>

-- 
            Levi

On 08/08/16 21:05, Levente Birta wrote:
>
> But how can I add achieve this only with ip route command ... without 
> route?
> Can I add this in any config files (ex: route-enp2s0)?
>
Hi Levente.

The iproute2 man page for each command is rather well documented on 
CentOS 7.  For instance, to view the specifics of *ip route*, type *man 
ip-route*.  On older versions of CentOS, all commands to ip have been 
lumped into *m**an ip*.

Also, would you care to explain why you'd want to have the same subnet 
on 2 interfaces of the same device?  If both networks had a host with 
the same IP, and another host on either one of the networks needed to 
talk to one of them, how would the router know which one to talk to?

I have encountered this before where one company acquired another and 
they both had same subnet IP's.  Before we renumbered one of the 
subnets, we resolved this via iptables mungling and policy routing.  So, 
it's doable, but why when there's plentiful supply of RFC1918 IP
addresses?


Regards,
ak.

On 09/08/2016 06:56, Anthony K wrote:
> On 08/08/16 21:05, Levente Birta wrote:
>>
>> But how can I add achieve this only with ip route command ... without
>> route?
>> Can I add this in any config files (ex: route-enp2s0)?
>>
> Hi Levente.
>
> The iproute2 man page for each command is rather well documented on
> CentOS 7.  For instance, to view the specifics of *ip route*, type *man
> ip-route*.  On older versions of CentOS, all commands to ip have been
> lumped into *m**an ip*.
>
> Also, would you care to explain why you'd want to have the same subnet
> on 2 interfaces of the same device?  If both networks had a host with
> the same IP, and another host on either one of the networks needed to
> talk to one of them, how would the router know which one to talk to?
>
> I have encountered this before where one company acquired another and
> they both had same subnet IP's.  Before we renumbered one of the
> subnets, we resolved this via iptables mungling and policy routing.  So,
> it's doable, but why when there's plentiful supply of RFC1918 IP
addresses?
>

As I said in the initial message the centos box need to access the 
internet on both interfaces, the gateway in function of source IP ( the 
two IPs allocated on the centos box on two interfaces ) route the 
traffic on different WAN connection.

My problem simply is that on the Centos box I cannot access the internet 
on the second interface (i.e. second WAN connection) without the 
command: #route add default gw 192.168.1.1 dev enp3s0

I'd like to mention that any traffic on the LAN is going in/out on the 
right interface ... just the internet cannot be reached on the second 
interface.

What I don't understand why the route command allow to add a second 
default gateway with different interface, but the ip route command doesn't?

Thanks

-- 
            Levi

On 08/08/2016 04:05 AM, Levente Birta wrote:
> Can I add this in any config files (ex: route-enp2s0)? 

Yes.  Add a route file for each interface, and set up rules to send 
packets out the corresponding physical interface:

https://blogs.oracle.com/networking/entry/advance_routing_for_multi_homed

On 09/08/2016 20:01, Gordon Messmer wrote:
> On 08/08/2016 04:05 AM, Levente Birta wrote:
>> Can I add this in any config files (ex: route-enp2s0)? 
>
>
> Yes.  Add a route file for each interface, and set up rules to send 
> packets out the corresponding physical interface:
>
> https://blogs.oracle.com/networking/entry/advance_routing_for_multi_homed
>
Yes, but no :)

I do all this and working on LAN ... all traffic go in/out on the proper 
interface ... the problem is when I try to access the internet on the 
second interface ....

If I add "#route add default gw 192.168.1.1 dev enp3s0" all is good,
but
cannot add that in route-iface file or with "ip route" ....

Thanks
Levi