In my previous post I got rid of network-manager.
On my main desktop, which serves as a gateway for two subnets, provides them with access to the internet and has three ifs (eth0 goes to the outside world, eth1 serves 192.168.0-127 and provides inet passthrough, eth2 serves 192.168.128-255), I had issues getting the internet connection to work once network-manager was gone -- the issue was the routing table.
Here's what I did to diagnose and solve it:
When I got rid of network manager I set up my /etc/network/interfaces like this:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0
gateway 192.168.1.1
auto eth2
iface eth2 inet static
address 192.168.1.129
netmask 255.255.255.128
gateway 192.168.1.129
But it gives
sudo route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.129 0.0.0.0 UG 0 0 0 eth2
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth1
0.0.0.0 XXX.XXX.XXX.254 0.0.0.0 UG 0 0 0 eth0
XXX.XXX.XXX.0 0.0.0.0 255.255.248.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.1.128 0.0.0.0 255.255.255.128 U 0 0 0 eth2
The problem is that I DON'T want all traffic via eth2 and eth1. I want the default gateway to be my eth0. Inverting the order of the ifs in /etc/network/interfaces doesn't fix it either.
A quick fix is to do
sudo route add default dev eth0
which adds this as the first line:
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 eth0
It looks like we might want to manually configure route.
Turns out you can just add the route options to your /etc/network/interfaces file
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0
gateway 192.168.1.1
auto eth2
iface eth2 inet static
address 192.168.1.129
netmask 255.255.255.128
gateway 192.168.1.129
auto wlan0
iface wlan0 inet static
address 192.168.2.1
netmask 255.255.255.0
gateway 192.168.2.1
post-up ip route flush all
post-up route add default dev eth0
post-up route add -net 169.254.0.0 netmask 255.255.0.0 dev eth0 metric 1000
post-up route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 eth1
post-up route add -net 192.168.1.128 netmask 255.255.255.128 gw 192.168.1.129 eth2
post-up route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1 wlan0
The script gives us a nice, compact routing table on doing
sudo service networking restart
sudo route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
192.168.1.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth1
192.168.1.128 192.168.1.129 255.255.255.128 UG 0 0 0 eth2
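A check for the symptom diagnosed above, as an added example that is not part of the original post: in a static stanza each `gateway` option makes ifupdown add a default route, so this sketch lists those stanzas and verifies from `route -n` output that exactly one default route exists and that it uses eth0. The function and variable names are assumptions; the sample rows are copied from the tables and configuration in the post.

```sh
#!/bin/sh
# Added example, not from the original post: audit default routes.

# Print "iface gateway" for every default route in `route -n` output on stdin
# (destination 0.0.0.0 with genmask 0.0.0.0); header lines never match.
default_routes() {
    awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" { print $8, $2 }'
}

# Succeed only if stdin holds exactly one default route and it leaves via $1.
check_default() {
    routes=$(default_routes)
    count=$(printf '%s\n' "$routes" | awk 'NF { n++ } END { print n + 0 }')
    [ "$count" -eq 1 ] && [ "${routes%% *}" = "$1" ]
}

# Print each interface whose stanza in an interfaces(5) file on stdin carries
# a `gateway` option. DHCP-supplied gateways are not visible in the file.
gateway_ifaces() {
    awk '$1 == "iface" { cur = $2 } $1 == "gateway" { print cur }'
}

# Rows from the first table in the post (addresses masked as they are there).
BEFORE='0.0.0.0 192.168.1.129 0.0.0.0 UG 0 0 0 eth2
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth1
0.0.0.0 XXX.XXX.XXX.254 0.0.0.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1'

# Rows of the table after the post-up fix.
AFTER='0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 eth0
192.168.1.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth1
192.168.1.128 192.168.1.129 255.255.255.128 UG 0 0 0 eth2'

# Abridged stanzas from the post's /etc/network/interfaces.
IFACES='iface eth0 inet dhcp
iface eth1 inet static
    gateway 192.168.1.1
iface eth2 inet static
    gateway 192.168.1.129'

printf '%s\n' "$BEFORE" | default_routes          # three competing defaults
printf '%s\n' "$BEFORE" | check_default eth0 || echo "before: FAIL"
printf '%s\n' "$AFTER"  | check_default eth0 && echo "after: OK"
printf '%s\n' "$IFACES" | gateway_ifaces          # stanzas that add a default
```

Against the live system, run `sudo route -n | check_default eth0` after `sudo service networking restart`. The post-up lines belong to the last stanza in the file (wlan0 here), so they run when that interface is brought up.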
Edit:
An earlier version of this post used a separate script (see below). This works fine on boot. However, sudo service networking restart does not invoke it -- so you may end up with a faulty route table. Thus, it is preferable to use the method above, in which the route options are added to the end of /etc/network/interfaces.
The following (below) is kept for posterity only:
We put the commands below into /etc/routing_table.sh:
#!/bin/sh
sudo ip route flush all
sudo route add default dev eth0
sudo route add -net 169.254.0.0 netmask 255.255.0.0 dev eth0 metric 1000
sudo route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 eth1
sudo route add -net 192.168.1.128 netmask 255.255.255.128 gw 192.168.1.129 eth2
exit 0
We change the attributes:
sudo chmod o-rwx /etc/routing_table.sh
sudo chmod g-rwx /etc/routing_table.sh
sudo chmod u+rwx /etc/routing_table.sh
Here user is root. This way only root can execute and edit the table. I guess the 'sudo' is a bit superfluous in our script.
To make it start on boot, add a line to your /etc/rc.local
My rc.local now looks like this:
#!/bin/sh -e
echo "1" > /proc/sys/net/ipv4/ip_forward
sh /etc/firewall-rules.sh
sh /etc/routing_table.sh
exit 0
The firewall-rules.sh script is described in another post on ip tables.