Properly configure source routing on Ubuntu 18.04


I'm trying to configure a new VLAN/Subnet on my Ubuntu 18.04 servers. I'm trying to follow the example here: https://netplan.io/examples/#configuring-source-routing

But when I follow that example, I can SSH into the servers via the br10 interface address. But from there, I can't ssh to the other nodes via either the br10 or br11 interface. Additionally, the Kubernetes cluster running on the servers can no longer communicate with the other components. The problem that I'm trying to solve is that when users connect to a service running on the br11 interface, the response packet is going out over the br10/VLAN10 interface and being dropped by the network.

Here is my netplan configuration:

network:
  version: 2
  renderer: networkd

  ethernets:
    eth0:
      addresses: []
      dhcp4: false
      dhcp6: false
    eth1:
      addresses: []
      dhcp4: false
      dhcp6: false

  bonds:
    bond0:
      interfaces:
        - eth0
        - eth1
      dhcp4: false
      dhcp6: false
      parameters:
        lacp-rate: fast
        mii-monitor-interval: 100
        mode: 802.3ad

  vlans:
    vlan10:
      id: 10
      link: bond0
      dhcp4: false
      dhcp6: false
    vlan11:
      id: 11
      link: bond0
      dhcp4: false
      dhcp6: false

  bridges:
    br10:
      interfaces:
        - vlan10
      addresses:
        - 10.0.10.2/24
      nameservers:
        addresses:
          - 10.0.1.1
          - 10.0.1.2
        search:
          - domain.com
      dhcp4: false
      dhcp6: false
      routes:
        - to: 0.0.0.0/0
          via: 10.0.10.1
        - to: 10.0.10.0/24
          via: 10.0.10.1
          table: 10
      routing-policy:
        - from: 10.0.10.0/24
          table: 10

    br11:
      interfaces:
        - vlan11
      addresses:
        - 10.0.11.2/24
      nameservers:
        addresses:
          - 10.0.1.1
          - 10.0.1.2
        search:
          - domain.com
      dhcp4: false
      dhcp6: false
      routes:
        - to: 10.0.11.0/24
          via: 10.0.11.1
          table: 11
      routing-policy:
        - from: 10.0.11.0/24
          table: 11
What am I doing wrong? What's the "right" way to ensure response packets are routed out the same interface that they arrived on?

Thanks!

Best Answer

Your routing table doesn't show any routes for the br11 interface except for the local network, which doesn't require the use of routing policies anyway. You probably are missing a default route (0.0.0.0/0) for the br11 interface as part of the source routing policy.
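
The change the answer describes, written out as an added example (not part of the original answer): the br11 stanza from the question with a default route placed in table 11. It assumes 10.0.11.1, the next hop the question already uses for VLAN 11, is that VLAN's gateway; everything else in the file stays as posted.

```yaml
# Added example: only the br11 bridge is shown. The ethernets, bonds,
# vlans and br10 sections of the question's file are unchanged.
network:
  version: 2
  renderer: networkd
  bridges:
    br11:
      interfaces:
        - vlan11
      addresses:
        - 10.0.11.2/24
      nameservers:
        addresses:
          - 10.0.1.1
          - 10.0.1.2
        search:
          - domain.com
      dhcp4: false
      dhcp6: false
      routes:
        # Route already present in the question, kept as posted.
        - to: 10.0.11.0/24
          via: 10.0.11.1
          table: 11
        # Added: default route inside table 11. Without it, a lookup in
        # table 11 finds no match for off-subnet destinations, falls
        # through to the main table, and the reply leaves via br10.
        # Assumption: 10.0.11.1 is the VLAN 11 gateway.
        - to: 0.0.0.0/0
          via: 10.0.11.1
          table: 11
      routing-policy:
        # Packets sourced from the br11 subnet consult table 11 first.
        - from: 10.0.11.0/24
          table: 11

# After `sudo netplan apply`, confirm the rule and the table contents:
#   ip rule show
#   ip route show table 11
# Both routes above should be listed in table 11, and the rule
# "from 10.0.11.0/24 lookup 11" should appear in the rule list.
```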
