Linux – Which configuration files affect the routing table of a Debian system

debianlinuxnetworkingrouting

As far as I know basic network configuration goes into /etc/network/interfaces and the system generates the routing table from these information. I was also taught that in general /etc/network/interfaces is the place to permanently add custom commands to manipulate the routing table (also suggested sometimes is /etc/rc.local or a custom script in /etc/network/if-up.d/). Furthermore one might specify custom routing tables in /etc/iproute2/rt_tables.

Are there any other places that will affect the (main) routing table?
- In particular, are there any other possibilities besides /etc/network/interfaces to make manually added/deleted routes permanent?
Does a system with multiple NICs have a concept of primary and secondary network interfaces or are these only wordings used to help the user? (During setup one has to choose the primary if and /etc/network/interfaces will contain an appropriate comment.) If such a concept exist, where can it be configured?
Are there any differences of the routing table concept between Debian Squeeze and Debian Jessie?

Background of my question is that I have a legacy Debian Squeeze system and a new Debian Jessie system which boot up with different routing tables but are (as far as I can tell) configured identical. I could manually manipulate the routing table to fit my needs and make the changes permanent using /etc/network/interfaces but I want to understand what is going on.

EDIT

Here are the configuration files of both machines. I changed the first parts of each IP address for privacy reasons. However, subnets and the address parts of the respective networks were not changed. The /etc/network/interfaces.d/ directory on the Jessie machine is empty.

/etc/iproute2/rt_tables on Jessie

#
# reserved values
#
255 local
254 main
253 default
0   unspec
#
# local
#
#1  inr.ruhep

/etc/iproute2/rt_tables on Squeeze

#
# reserved values
#
255     local
254     main
253     default
0       unspec
#
# local
#
#1      inr.ruhep

/etc/rc.local on Jessie

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

exit 0

/etc/rc.local on Squeeze

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

exit 0

/etc/network/interfaces on Jessie

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

auto eth1
iface eth1 inet static
    address 143.103.155.254
    netmask 255.255.255.0
    network 143.103.155.0
    gateway 143.103.155.254

# The primary network interface
auto eth2
iface eth2 inet static
    address 27.126.19.194
    netmask 255.255.255.248
    network 27.126.19.192
    broadcast 27.126.19.199
    gateway 27.126.19.193
    # dns-* options are implemented by the resolvconf package, if installed
    dns-nameservers 143.103.5.1
    dns-search subdomain.domain.de

/etc/network/interfaces on Squeeze

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface

auto eth0
iface eth0 inet static
        address 143.103.155.254
        netmask 255.255.255.0
        network 143.103.155.0
        gateway 143.103.155.254

auto eth2
iface eth2 inet static
        address 27.126.19.194
        netmask 255.255.255.248
        network 27.126.19.192
        broadcast 27.126.19.199
        gateway 27.126.19.193

output of ip route show table main on Jessie

default via 143.103.155.254 dev eth1 
143.103.155.0/24 dev eth1  proto kernel  scope link  src 143.103.155.254 
27.126.19.192/29 dev eth2  proto kernel  scope link  src 27.126.19.194

output of ip route show table main on Squeeze

27.126.19.192/29 dev eth2  proto kernel  scope link  src 27.126.19.194
143.103.155.0/24 dev eth0  proto kernel  scope link  src 143.103.155.254
default via 27.126.19.193 dev eth2
default via 143.103.155.254 dev eth0  scope link

output of route -n on Jessie

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         143.103.155.254  0.0.0.0         UG    0      0        0 eth1
143.103.155.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
27.126.19.192  0.0.0.0         255.255.255.248 U     0      0        0 eth2

output of route -n on Squeeze

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
27.126.19.192  0.0.0.0         255.255.255.248 U     0      0        0 eth2
143.103.155.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         27.126.19.193  0.0.0.0         UG    0      0        0 eth2
0.0.0.0         143.103.155.254  0.0.0.0         UG    0      0        0 eth0

Best Answer

Both of your /etc/network/interfaces files contain one and the same error: the default gateway is specified twice.

You can have multiple default gateways, only under a very specific circumstance (neglecting metrics): that you have several routing tables, each specified in the file /etc/iproute2/rt_tables, but each routing table shall have a single default gateway.

You, instead, specify one for each interface, in the very same table main. So what we are seeing here is a slight difference in the implementation of the iproute2 package, and how it responds to errors.

In the case of Jessie, it establishes the first-mentioned gateway, 143.103.155.254, as the one and only gateway, simply because it is mentioned first. When the declaration of the second gateway, 27.126.19.193, takes place, nothing happens because it is not preceded by

      ip route del default

Squeeze, instead, deals with the error in a different way: it limits the scope of the second gateway to link local. For more info on scope, see the iproute2 manual, which states:

scope link --- the address is link local, valid only on this device.

Wikipedia states that:

In a computer network, a link-local address is a network address that is valid only for communications within the network segment (link) or the broadcast domain that the host is connected to.

Thus the range (imprecise synonym for scope) of the second gateway has been very much limited to its network segment (i.e., its broadcast domain 143.103.155.0/24). Thus Jessie too, in a different way, has coped with your incorrect declaration of multiple gateways in the same routing table.

Of course, there is no expected behavior on how packages deal with errors. The correct way for you to setup your /etc/network/interfaces file is to omit the statement

   gateway 143.103.155.254

altogether (this is strange also because it says that the gateway of your own pc is ... itself!). To see a nice explanation of this read the Initial Solution paragraph here; later, it is also explained how to add multiple gateways, with multiple routing tables.

If, as you claim,

I can try again to verify but I'm pretty sure that I tried that already and still was not able to reach any external IP.

it is most likely because you did not allow IPv4 forwarding from one interface to the other, (as sudo:

     echo 1 > /proc/sys/net/ipv4/ip_forward

takes care of that), or because your iptables rules blocked forwarding.

Best Answer

Related Solutions

Linux – AWS OpenVPN Routing

Related Question