Google Cloud not routing out over additional NICs

I've deployed a new compute VM in GCP and cannot figure out why the additional NICs (nic/eth1-nic/eth3) are not routing traffic to/from the internet, but eth0 works fine.

GCP Network Interfaces Config

Linux route table:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    100    0        0 eth0
10.228.0.0      gateway         255.255.255.248 UG    100    0        0 eth0
gateway         0.0.0.0         255.255.255.255 UH    100    0        0 eth0
cp1.us-central1 0.0.0.0         255.255.255.255 UH    100    0        0 eth0
10.230.0.0      10.230.0.1      255.255.255.248 UG    0      0        0 eth1
10.230.0.1      0.0.0.0         255.255.255.255 UH    0      0        0 eth1
10.232.0.0      10.232.0.1      255.255.255.248 UG    0      0        0 eth2
10.232.0.1      0.0.0.0         255.255.255.255 UH    0      0        0 eth2
10.234.0.0      10.234.0.1      255.255.255.248 UG    0      0        0 eth3
10.234.0.1      0.0.0.0         255.255.255.255 UH    0      0        0 eth3

If I try and ping an internet resource via eth0 it works, but does not for eth1-3.

[root@cp1 ~]# ping -I eth0 1.1.1.1
PING 1.1.1.1 (1.1.1.1) from 10.228.0.2 eth0: 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=54 time=13.2 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=54 time=12.5 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=54 time=13.4 ms
^C
--- 1.1.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 12.570/13.101/13.470/0.407 ms
[root@cp1 ~]# ping -I eth1 1.1.1.1
PING 1.1.1.1 (1.1.1.1) from 10.230.0.2 eth1: 56(84) bytes of data.
^C
--- 1.1.1.1 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 2999ms

I've also checked the GCP firewall and allowed all ingress/egress for troubleshooting purposes.

Any help is appreciated. Thanks


Solution 1:

Because you have exactly one default route - via eth0.

The other interfaces have no public routes from what you've posted, only to various RFC1918-subnets.