The problem ?
Your system is running on Linux with multiple physical network interface cards (NIC) and each card has its own default gateway. By default, you can only set up a single default gateway on a system.
In our example, we will consider 2 NICs (eth0 and eth1) enabled with default gateway configured on eth0 interface.
On this scheme, we can imagine two different cases:
- The flow coming into eth0 will be returned through eth0 (default gateway)
- The flow coming into eth1 will be returned through eth0 (default gateway)
In the first case, there is no problem, each NIC will work independently but in the second case, if you configured default gateway on eth0, whatever the network card receiving the request, it will answer through eth0 which is the default gateway.
The solution will be to use a program called iproute2, which is included and installed in all current Linux distributions. The expected result is:
- The flow coming into eth0 is returned through eth0
- The flow coming into eth1 is returned through eth1
It should so look like the following scheme:
First of all, you will have to define new routing tables in the file /etc/iproute2/rt_tables by defining your own tables. Here, we are defining two new tables called rt0 and rt1:
# reserved values
Afterwards, you will have to configure your network cards (under /etc/network/interfaces if you’re running on a Debian-like system) as below:
iface eth0 inet static
post-up /sbin/ip route add default via 192.168.50.254 dev eth0 table rt0
post-up /sbin/ip rule add from 192.168.50.0/24 table rt0
pre-down /sbin/ip route del default via 192.168.50.254 dev eth0 table rt0
pre-down /sbin/ip rule del from 192.168.50.0/24 table rt0
iface eth1 inet static
post-up /sbin/ip route add default via 10.0.255.254 dev eth1 table rt1
post-up /sbin/ip rule add from 10.0.0.0/16 table rt1
pre-down /sbin/ip route del default via 10.0.255.254 dev eth1 table rt1
pre-down /sbin/ip rule del from 10.0.0.0/16 table rt1
And now, restart your networking service to set this new configuration up. This will be permanent.
You can now connect to your server using both interfaces, and it will automatically answer correctly through the good gateway !
You must be logged in to post a comment.