[elrepo] Route problem with dual interface in elrepo kernel

Steve Clark sclark at netwolves.com
Wed Jul 18 11:22:19 EDT 2012 

On 07/18/2012 03:03 AM, cute candy wrote:
> Hi All,
>
> I am using kernel version "kernel-ml-PAE-2.6.39-4.1.el5.
> elrepo.i686.rpm". My machine has two network interfaces eth0 and eth1. I configured IP on both the interfaces. Below is the snippet.
>
> eth0 Link encap:Ethernet HWaddr 00:15:17:61:D2:16
>           inet addr:10.77.247.172 Bcast:10.77.247.175 Mask:255.255.255.240
>           inet6 addr: 1701::215:17ff:fe61:d216/64 Scope:Global
>           inet6 addr: fe80::215:17ff:fe61:d216/64 Scope:Link
>           inet6 addr: 1701::59b0:2825:8287:29b8/64 Scope:Global
>           UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>           RX packets:77 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:74 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:11432 (11.1 KiB) TX bytes:7725 (7.5 KiB)
>           Interrupt:17 Memory:e8180000-e81a0000
>
> eth1 Link encap:Ethernet HWaddr 00:15:17:61:D2:17
>           inet addr:10.77.243.154 Bcast:10.77.243.255 Mask:255.255.255.128
>           inet6 addr: 5abe::215:17ff:fe61:d217/64 Scope:Global
>           inet6 addr: 1901::215:17ff:fe61:d217/64 Scope:Global
>           inet6 addr: fe80::215:17ff:fe61:d217/64 Scope:Link
>           inet6 addr: 5abe::9d72:9c93:78c0:e6f6/64 Scope:Global
>           inet6 addr: 1901::9d72:9c93:78c0:e6f6/64 Scope:Global
>           UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>           RX packets:2423 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:137 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:214114 (209.0 KiB) TX bytes:9211 (8.9 KiB)
>
> lo Link encap:Local Loopback
>           inet addr:127.0.0.1 Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING MTU:16436 Metric:1
>           RX packets:15851 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:15851 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:4133739 (3.9 MiB) TX bytes:4133739 (3.9 MiB)
>
> I configured default gateway in eth0. Below is the snippet.
>
> [root at ACS172 ~]# route -A inet -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 10.77.247.160 0.0.0.0 255.255.255.240 U 0 0 0 eth0
> 10.77.243.128 0.0.0.0 255.255.255.128 U 0 0 0 eth1
> 0.0.0.0 10.77.247.161 0.0.0.0 UG 0 0 0 eth0
>
> Issue:
>
> The issue is IP configured in eth1(10.77.243.154) is not pinging from other subnets(other than 10.77.243 network in my case). I captured TCP dump and could see ICMP request reaches the eth1 but ICMP response is not sent back.
>
> Please let me know anyone faced this issue and how to resolve it. I am blocked because of this issue, any help would be really helpful.
>
> Thanks,
> Prem.
>
>
> _______________________________________________
> elrepo mailing list
> elrepo at lists.elrepo.org
> http://lists.elrepo.org/mailman/listinfo/elrepo
Did you tcpdump on the other interface to see if the icmp replys were going out the default interface? If so you need to set up the appropriate
routing information on your box. Probably requires src based routing.

Below is a script I use.

I get the following from a database:
As an example you might use:

SRC_ADDR=10.77.243.154
DEV=eth1
DFLT_RT=10.77.243.128
if [ -z "${SRC_ADDR}" ] || [ -z "${DEV}" ] || [ -z "${DFLT_RT}" ]
then
     echo "missing info"
     exit
fi

if [ `id -un` != "root" ]
then
    echo "Must be run as root"
    exit
fi

# add a new routing table called second
RC=`/bin/egrep second /etc/iproute2/rt_tables`
if [ "$RC" == "" ]
then
     echo "200 second" >> /etc/iproute2/rt_tables
fi

cnt=`/sbin/ip rule list | /bin/egrep '200:' | /usr/bin/wc -l`
for (( i=0;i<$cnt;i++ ));
do
     /sbin/ip rule del prio 200
done

# add a rule that says when to use table second
/sbin/ip rule add from ${SRC_ADDR} table second prio 200
# add a route to table second
/sbin/ip route add default via ${DFLT_RT} dev ${DEV} src ${SRC_ADDR} table second
# flush the routing cache
/sbin/ip route flush cache
/sbin/ip rule list
/sbin/ip r s table second


Hope this helps.
-- 
Stephen Clark
*NetWolves*
Director of Technology
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve.clark at netwolves.com
http://www.netwolves.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.elrepo.org/pipermail/elrepo/attachments/20120718/68d00fe0/attachment.html>

More information about the elrepo mailing list