Debian server loses default gateway sporadically

networking routing debian-squeeze

I'm unsure of what's causing my instability but here's what I know:

The server is running Debian with no GUI.

I have a static IP, and /etc/network/interfaces is configured with a 'gateway x.x.x.1' entry.

Periodically, my server loses all internet connectivity, and when I can get to it for access, the default gateway is missing from the routing table.

Because this error halts all traffic to my server, I've set up a cronjob to periodically attempt to 'route add default gw x.x.x.1' so that I don't have to keep physically returning to the machine. I'd like a better solution...

/etc/network/interfaces:

auto lo
iface lo inet loopback

allow-hotplug eth0
iface eth0 inet static
address 192.168.0.121
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
up route add default gw 192.168.0.1
dns-nameservers 192.168.0.1
dns-search domain.com

Why doesn't the entry: up route add default gw x.x.x.1 work in /etc/network/interfaces to keep the gateway in the routing table? Moreover, shouldn't the 'gateway x.x.x.1' entry already make sure that the default gateway stays in the routing table?

Also, what log files should I be looking at in order to track down this reoccurring error?

Side question: could a DoS type attack cause eth0 to go down?


The ifconfig command is not intended to setup anything other than the interface itself, so no gateway is involved.

When you run ifconfig down, the gateway is removed by the kernel because it sees it is no longer valid.

When you run ifconfig up, the kernel can't guess anything about the gateway.

You should use your distro specific command to up the interface (for example with Debian this is ifup eth0), or explicitly use the route command.


I am not sure about debian but redhat requires the sysconfig scripts to be configured in order to keep the gateway settings. I am not sure how relevant this is to debian but it drove me nuts on redhat.


Okay, first off, why are you using ifconfig? On a normal server, you wouldn't touch that unless you were changing IP addresses.

I suspect you have a copy of the DHCP client running somewhere. I've seen intermittent issues like this when dhclient wakes up near the end of the lease expiration time. Make sure this is fully disabled (you can probably go so far as chmod -x or even removing it, as it has no real purpose on production servers). Check ps aux and make sure you don't see anything relating to DHCP.

Last, a DoS attack will not have any effect on your system's gateway address. It's possible it could cause the gateway to go down (if it overwhelms the router), but it would not cause your system to suddenly remove it from your routing table.

Related

Why is bluetooth support one of the default packages in "Base" when doing an RHEL/CentOS server install? [closed]
Resource temporarily unavailable while connecting to upstream (php5-fpm)
PG pool failover leads to two independent masters with network failure
centos/redhat: change open files ulimit without reboot?
How to kill a single request in IIS?
Does LUKS also encrypt free space?
Windows Application Experience Service
How do SaaS services provide SSL for the people with "personalized" domains?
How do I set up an IP address on a Linux VM running in VM Player so I can access it from my Windows 7 host?
How to generate a key file out of a .cert?
Can I use CAT 6a connectors with 7a cable (and get 6a performance)?
HP P4000 LeftHand SRA for SRM will not install on vSphere 5.1