Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Permanent Routing Issues

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
Pilferererer
Posts: 3
Joined: 2018-01-26 14:58

Permanent Routing Issues

#1 Post by Pilferererer »

Hello,

I have the following setup for my debian VPN server with two physical NICs. I can get all of the following to issue and routing works perfectly with some ip NAT tables and FORWARD tables but these won't stick on reboot.
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback

allow hot-plug eth0
iface eth0 inet static
hwaddress ether ##:##:##:##:##:##
adddress 192.168.2.2
netmask 255.255.255.0
network 192.168.2.0
broadcast 19.168.2.255
gateway 192.168.2.1
dns-servers 208.67.220.220 208.67.222.222
post-up ip route add default gw 192.168.2.1 eth0
post-up ip route add 192.168.2.0/24 dev eth0 src 192.168.2.2 NIC_eth0
post-up ip route add default via 192.168.2.1 dev eth0 table NIC_eth0
post-up ip rule add from 192.168.2.2/32 table NIC_eth0
post-up ip rule add to 192.168.2.2/32 table NIC_eth0

allow hot-plug eth1
iface eth1 inet static
hwaddress ether ##:##:##:##:##:##
address 192.168.3.1
netmask 255.255.255.0
network 192.168.3.0
broadcast 192.168.3.255
gateway 192.168.3.1
dns-nameservers 208.67.220.220 208.67.222.222
post-up ip route add default gw 192.168.3.1 eth1

Nothing is sticking for some reason I don't see any errors in dmesg - maybe logging isn't high enough or something?

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Permanent Routing Issues

#2 Post by bw123 »

allow hot-plug eth0

Code: Select all

man interfaces | grep 'allow hot-plug'
echo $?
1
resigned by AI ChatGPT

Pilferererer
Posts: 3
Joined: 2018-01-26 14:58

Re: Permanent Routing Issues

#3 Post by Pilferererer »

Soooo. the cryptic response is telling me the allow hot-plug is returning a 1 which is meaning it is wrong, thanks - not sure if you are being a smartass or what but thanks for pointing me in the right direction

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Permanent Routing Issues

#4 Post by bw123 »

Pilferererer wrote:Soooo. the cryptic response is telling me the allow hot-plug is returning a 1 which is meaning it is wrong, thanks - not sure if you are being a smartass or what but thanks for pointing me in the right direction
Yeah, maybe I was a little short, but I thought your "Nothing is sticking for some reason" cryptic.

I like ifupdown, but it is unforgiving with syntax. Also it has some strange quirks, sometimes I use something like this with post-up commands

Code: Select all

post-up domystuff.sh || true
The allow-hotplug works better for me most of the time. This doesn't seem to actually bring the network up immediately thouthg when using systemd. Maybe auto would be better for you, so try that. The way I understand it, the interfaces file is ran as one big event by systemd. Some services you expect to 'up' might not be available yet.

Also, when using static with ifupdown, I have found it is really necessary to use an address outside of the range of any dhcp server that is running. I haven't setup any vpn myself this way, so I can't help more with that.

ifupdown has seen a lot of use, so there should be a huge amount of information for you to look through on the forum, and the internet. There is really great documentation available in the man pages for interfaces, ifup, ifdown as well as /usr/share/doc/ifupdown

Hang in there, it's all a learning process.

Good Luck.
resigned by AI ChatGPT

Pilferererer
Posts: 3
Joined: 2018-01-26 14:58

Re: Permanent Routing Issues

#5 Post by Pilferererer »

Thank you, I didn't mean to be cryptic, I guess what I meant was the resulting network interface configuration and rules and routing left me _without_ some of the post-up routes and rules. Meaning that the post-up stuff is being skipped completely for some reason and it seems to just be doing configuration based on ARP. The configuration of the individual interfaces eth0 and eth1 is taking successfully. It is just the route and rules.

I see so much reference to using a script and calling that on startup, to do it in /etc/network/interfaces, to do it with iproute2, all over the place but nothing seems to work :(

Seems like it should just work in /etc/network/interfaces - I'll try some of the things you recommended. The VPN stuff interestingly enough works fine when openvpn daemons are kicked off, the iptables stuff all works too for FORWARD and MASQUERADE and entries created by the daemon which setting up is so much more complex. Just wish this other stuff would work.

thanks!

Post Reply