routing tables on two NICs for network monitoring

Shawn Iverson shawn at nccsc.k12.in.us
Thu Jan 22 12:51:58 UTC 2004 

> From: Rick Stevens [mailto:rstevens at vitalstream.com]
> Sent: Wednesday, January 21, 2004 9:03 PM
> > 
> > route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.32.0.254 dev eth0
> > route add -net 192.168.0.0 netmask 255.255.0.0 gw 
> 10.32.0.254 dev eth0

Aren't these lines above ok?  If I don't specify 10.32.0.254 as the gateway,
nothing will go beyond the 10.10.0.0/16 subnet.  I have many subnets with
10.x.0.0/16 addresses spanning several buildings and one 192.168.1.0/24
subnet.

> > 
> > /etc/sysconfig/network-scripts/route-eth0 is my guess to 
> add the above to
> > make the changes permanent
> > 
> > GATEWAY0=10.32.0.254
> > NETMASK0=255.0.0.0
> > ADDRESS0=10.0.0.0
> > GATEWAY1=10.32.0.254
> > NETMASK1=255.255.0.0
> > ADDRESS1=192.168.0.0
> 
> GOD NO!  Bad dog!  Bad!  NEVER assign a host an IP address that's the
> same as the network (your "ADDRESS0=10.0.0.0" and
> "ADDRESS1=192.168.0.0" lines).  Also NEVER assign a host the 
> IP address
> that is the broadcast address for the net (where the host bit is all

I thought that I was specifying a network above, not a host.  Does that mean
that the route-eth0 file only does routes to hosts?  I want to make the
network routes persistent (ifdown/ifup/reboot all do not cause the routes to
vanish).

> 
> Put the default gateway in /etc/sysconfig/network:
> 
> 	GATEWAY=172.16.1.1
> 
> and remove it from any /etc/sysconfig/network-scripts/ifcfg-ethx file.
> You should NEVER have more than one default route.  Each 
> ifcfg-ethx file
> should have the following lines at a minimum:
> 
> 	DEVICE=
> 	BOOTPROTO=
> 	IPADDR=
> 	NETMASK=
> 	ONBOOT=
> 
> The "NETWORK=" and "BROADCAST=" are optional.
> 
> You shouldn't need any routes at all for your internal 
> network, provided
> the IP addresses you're hitting are all on the 10.0.0.0/8 network (in
> other words, all the internal stuff is on 10.x.y.z).  By 
> default, you've
> set eth0 to be on that network.  If you need to speak to 
> 192.168.0.0/16,
> then add a static route.  The command would be:
> 
> 	route add -net 192.168.0.0 netmask 255.255.0.0 device eth0

That's all good and well, but the network has many subnets beyond the
10.10.0.254 gateway spanning many buildings, i.e. 10.11.x.x/16 and
10.12.x.x/16 etc.  If I do this then no traffic will go beyond the local
subnet.  Also, the route command does not make routing table changes
persistent, AFAIK, and I have been advised not to use rc.local for network
configurations because rc.local will not execute when ifdown/ifup are
invoked or if the interface becomes unplugged.

More information about the fedora-list mailing list