ip route with two default gateways

So I have this challenge, and I've searched the internet high and low. Learned a lot - but I'm still having some issues regarding my two gateway setup, which I really want to accomplish.

I have two gateways, for various reasons and I am trying to get the two NICs to behave. My problem is with the secondary Gateway (Gateway2), since everything works with Gateway1 and eth0, default route and everything.

So first off, my setup looks somewhat like this:

NAT (in) = Cisco ASA, NAT (out) = Zyxel whatever

WAN-IP

NAT (in) - - - - - - - - - - Ubuntu Box 12.04 - - - - - - - - - - - - NAT (out)

Gateway1
10.0.0.1 <-> 10.0.0.50 (eth0) || (eth1) 192.168.0.50 <-> 192.168.0.1

. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gateway2


So I went to:

1. Create new table : "1 zyxelwan"

within "/etc/iproute2/rt_tables"

2. Create routing policy for table (zyxelwan)

 ip route add 192.168.0.0/24 dev eth1 src 192.168.0.50 table zyxelwan

 ip route add default via 192.168.0.1 dev eth1 table zyxelwan

3. Set the IP rules which makes use of the newly-created routing table:

 ip rule add from 192.168.0.50 table zyxelwan

 ip rule add to 192.168.0.50 table zyxelwan

I have left out other configurations (for now) to ensure that I was running lightest-possible-config. And it is as if my ip rules are being completely ignored, see here some of the outputs I get after the above mentioned steps.

 route -n

 Kernel IP routing table

 Destination    Gateway         Genmask        Flag Metric  Ref     Use Iface

 0.0.0.0        10.0.0.1        0.0.0.0         UG  100      0        0 eth0

 10.0.0.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0

 192.168.0.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1

Cannot see the table I've configured, but if I try to apply the routing commands to the table again, I get "file already exists". So the config should be there somewhere.

But when I try to tracepath i.e. 8.8.8.8, I get this result:

 tracepath 8.8.8.8

 1:  10.0.0.50                                            0.161ms pmtu 1500

So I tried to delete the gateway from which it tried to send the traffic (10.0.0.1) - with this result (this seems to be regardless of my ip rules & table):

 tracepath 8.8.8.8

 1:  send failed

 Resume: pmtu 65535

And if I write the route, omitting the table, and replace the previous default route with:

 route add default via 192.168.0.1 dev eth1

It will ofc work, but I'd really like being able to SSH/VPN into the Ubuntu box from my Cisco Gateway and then access the network on my Zyxel Gateway - Am I missing something dreadfully obvious, or are you smart ppl out there able to point me in the right direction?

I was thinking, according to my ip rules, it could be as if it only "listens" for traffic, and will direct it out the same interface - according to the table/ip rules - and the solution might just have been "switching the cables around"?

Anyhow, thank you in advance for any suggestions :)


Solution 1:

I resolved the issue, by forcing a bind on the local ip of eth0, of OpenVPN - afterwards, I created another routing table for eth0. I then added a default gateway for eth1 as well, the regular way - no table :)

Thank you for having taken time to look at my original post :)

Solution 2:

The old route command isn't able to properly represent any of the fancy stuff you are doing with the new ip route command. To show the routing configuration, use ip route list table [xx|all] instead of route.
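
A small model of the rule-then-table lookup for the configuration in the question, added here as an example (it is not code from any of the posters). It shows why an unbound tracepath to 8.8.8.8 still leaves via eth0, why a socket bound to 192.168.0.50 uses zyxelwan, and why deleting the main default gives "send failed". The names `TABLES`, `RULES` and `lookup` and the rule priorities are assumptions made for the illustration.

```python
import ipaddress

# Model of the state the question's commands create (constructed, not captured
# from a host). The "local" table is left out: it only holds the box's own
# addresses and broadcasts, so it never matches the destinations used here.
TABLES = {
    "main": [("0.0.0.0/0", "10.0.0.1", "eth0"),
             ("10.0.0.0/24", None, "eth0"),
             ("192.168.0.0/24", None, "eth1")],
    "zyxelwan": [("192.168.0.0/24", None, "eth1"),
                 ("0.0.0.0/0", "192.168.0.1", "eth1")],
}
# (priority, from, to, table); None = any. Priorities are assumed: "ip rule add"
# without one gives each new rule a value just below the lowest existing one.
RULES = [
    (32764, None, "192.168.0.50", "zyxelwan"),
    (32765, "192.168.0.50", None, "zyxelwan"),
    (32766, None, None, "main"),
]

def lookup(dst, src=None, tables=TABLES):
    """Return (table, gateway, dev) or None; src=None is an unbound local socket."""
    d = ipaddress.ip_address(dst)
    for _prio, frm, to, table in sorted(RULES, key=lambda r: r[0]):
        # A "from" selector cannot match while the source is still unset.
        if frm and (src is None or
                    ipaddress.ip_address(src) not in ipaddress.ip_network(frm)):
            continue
        if to and d not in ipaddress.ip_network(to):
            continue
        hits = [(ipaddress.ip_network(p), gw, dev)
                for p, gw, dev in tables[table] if d in ipaddress.ip_network(p)]
        if hits:  # longest prefix wins inside the selected table
            _net, gw, dev = max(hits, key=lambda h: h[0].prefixlen)
            return table, gw, dev
        # no matching route in this table: fall through to the next rule
    return None  # nothing matched: the send fails

if __name__ == "__main__":
    print(lookup("8.8.8.8"))                      # tracepath with no bound source
    print(lookup("8.8.8.8", src="192.168.0.50"))  # socket bound to eth1's address
    no_default = dict(TABLES, main=TABLES["main"][1:])
    print(lookup("8.8.8.8", tables=no_default))   # main default deleted
```

On a real host the same questions are answered by `ip rule show` and `ip route get 8.8.8.8 from 192.168.0.50`.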