[[PageOutline]]

= default gateway =
 * How to change and handle the default gateway (default route)
 * Some packet paths on this page were checked without first updating the RPDB with ip route flush cache, so they need to be re-verified and corrected

= CentOS =
== With multiple NICs on DHCP == #multipleDHCPCentos
 * Only the default GW of the NIC that linked up last takes effect
 * ifconfig
{{{
eth0      Link encap:Ethernet  HWaddr 00:0C:29:XX:XX:XX
          inet addr:133.XX.XX.177  Bcast:133.51.87.255  Mask:255.255.248.0
(snip)
eth1      Link encap:Ethernet  HWaddr 00:0C:29:YY:YY:YY
          inet addr:192.168.50.132  Bcast:192.168.50.255  Mask:255.255.255.0
(snip)
eth2      Link encap:Ethernet  HWaddr 00:0C:29:ZZ:ZZ:ZZ
          inet addr:192.168.40.156  Bcast:192.168.40.255  Mask:255.255.255.0
(snip)
eth3      Link encap:Ethernet  HWaddr 00:0C:29:XY:ZX:YZ
          inet addr:192.168.0.155  Bcast:192.168.0.255  Mask:255.255.255.0
(snip)
}}}
 * ip route
{{{
192.168.50.0/24 dev eth1 proto kernel scope link src 192.168.50.132
192.168.0.0/24 dev eth3 proto kernel scope link src 192.168.0.155
192.168.40.0/24 dev eth2 proto kernel scope link src 192.168.40.156
133.51.80.0/21 dev eth0 proto kernel scope link src 133.51.80.177
169.254.0.0/16 dev eth3 scope link
default via 192.168.0.1 dev eth3
}}}

== ifcfg-eth? ==
 * When GATEWAY= is written in ifcfg-eth?
   * /etc/sysconfig/network-scripts/ifcfg-eth0
{{{
DEVICE=eth0
BOOTPROTO=static
IPADDR=192.168.40.200
NETMASK=255.255.255.0
GATEWAY=192.168.40.1
ONBOOT=yes
}}}
   * /etc/sysconfig/network-scripts/ifcfg-eth1
{{{
DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.50.200
NETMASK=255.255.255.0
GATEWAY=192.168.50.1
ONBOOT=yes
}}}
   * service network restart
{{{
Bringing up interface eth0: [ OK ]
Bringing up interface eth1: [ OK ]
}}}
   * Result => route
{{{
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.50.0    *               255.255.255.0   U     0      0        0 eth1
192.168.40.0    *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth1
}}}
   * In this state, a ping sent to the WAN actually goes out through eth1
   * tcpdump icmp -n -i eth1
{{{
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
01:32:42.314543 IP 192.168.50.200 > 219.94.129.108: ICMP echo request, id 16947, seq 1, length 64
01:32:42.330849 IP 219.94.129.108 > 192.168.50.200: ICMP echo reply, id 16947, seq 1, length 64
}}}
 * Try swapping eth0 and eth1
   * eth0
{{{
IPADDR=192.168.50.200
NETMASK=255.255.255.0
GATEWAY=192.168.50.1
}}}
   * eth1
{{{
IPADDR=192.168.40.200
NETMASK=255.255.255.0
GATEWAY=192.168.40.1
}}}
   * service network restart
{{{
Bringing up interface eth0: [ OK ]
Bringing up interface eth1: [ OK ]
}}}
   * Result => route
{{{
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
192.168.40.0    *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
default         192.168.40.1    0.0.0.0         UG    0      0        0 eth1
}}}
   * This time the ping also goes out through eth1
   * tcpdump icmp -n -i eth1
{{{
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
01:39:05.380029 IP 192.168.40.200 > 219.94.129.108: ICMP echo request, id 26423, seq 1, length 64
01:39:05.392541 IP 219.94.129.108 > 192.168.40.200: ICMP echo reply, id 26423, seq 1, length 64
}}}
 * Change the link-up order
   * ifup eth1; ifup eth0
{{{
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
192.168.40.0    *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth0
}}}
   * tcpdump icmp -n -i eth0
{{{
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
01:42:55.952191 IP 192.168.50.200 > 219.94.129.108: ICMP echo request, id 52536, seq 1, length 64
01:42:55.965580 IP 219.94.129.108 > 192.168.50.200: ICMP echo reply, id 52536, seq 1, length 64
}}}

== sysconfig/network ==
 * /etc/sysconfig/network
{{{
GATEWAY=192.168.50.2
}}}
 * When ifcfg-eth? contains GATEWAY=
   * That one takes precedence
 * When it does not
   * GATEWAY= from /etc/sysconfig/network is set
{{{
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
192.168.40.0    *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
default         192.168.50.2    0.0.0.0         UG    0      0        0 eth0
}}}

== Conclusion ==
 * When /etc/sysconfig/network-scripts/ifcfg-eth? has no GATEWAY= entry, /etc/sysconfig/network is consulted
 * When ifcfg-eth? has a GATEWAY= entry, that entry is used
 * With multiple NICs, the gateway of the device that linked up last takes effect

=== Example ===
 * eth0
{{{
GATEWAY=192.168.50.1
}}}
 * eth1
   * Not specified
 * network
{{{
GATEWAY=192.168.50.2
}}}
 * => route
{{{
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth0
}}}

== route command ==
 * Run route add from the following state
{{{
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
192.168.40.0    *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth0
}}}
 * route add default gw 192.168.40.1
{{{
default         192.168.40.1    0.0.0.0         UG    0      0        0 eth1
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth0
}}}
   * In this case, packets actually go out through eth1
{{{
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
02:03:27.195895 IP 192.168.40.200 > 219.94.129.108: ICMP echo request, id 51265, seq 1, length 64
02:03:27.212349 IP 219.94.129.108 > 192.168.40.200: ICMP echo reply, id 51265, seq 1, length 64
}}}
 * route add default gw 192.168.0.1
{{{
SIOCADDRT: Network is unreachable
}}}
   * The routing table does not change

== Behavior when there are multiple default routes ==
 * The rule governing the behavior is unknown
 * It appears that the gw on the line the route command displays first is not necessarily the one used
 * ifconfig
{{{
eth0 => 192.168.50.100
eth1 => 192.168.60.100
eth2 => 192.168.70.100
eth3 => 192.168.40.100
}}}

=== Example 1 ===
 * route
{{{
default         192.168.70.200  0.0.0.0         UG    0      0        0 eth2
default         192.168.60.200  0.0.0.0         UG    0      0        0 eth1
default         192.168.50.200  0.0.0.0         UG    0      0        0 eth0
default         192.168.40.200  0.0.0.0         UG    0      0        0 eth3
}}}
 * ping 219.94.129.108 -c1
   * client:eth2 (192.168.70.100)
{{{
03:20:58.808400 IP 192.168.70.100 > 219.94.129.108: ICMP echo request, id 33555, seq 1, length 64
}}}
   * gw:eth2 (192.168.70.200)
{{{
03:20:58.834723 IP 192.168.70.100 > 219.94.129.108: ICMP echo request, id 33555, seq 1, length 64
}}}

=== Example 2 ===
 * route
{{{
default         192.168.40.200  0.0.0.0         UG    0      0        0 eth3
default         192.168.50.200  0.0.0.0         UG    0      0        0 eth0
default         192.168.60.200  0.0.0.0         UG    0      0        0 eth1
default         192.168.70.200  0.0.0.0         UG    0      0        0 eth2
}}}
 * ping 219.94.129.108 -c1
   * client:eth1 (192.168.60.100)
{{{
03:25:08.077550 IP 192.168.60.100 > 219.94.129.108: ICMP echo request, id 37651, seq 1, length 64
}}}
   * gw:eth1 (192.168.60.200)
{{{
03:25:08.106974 IP 192.168.60.100 > 219.94.129.108: ICMP echo request, id 37651, seq 1, length 64
}}}

=== Example 3 ===
 * route
{{{
default         192.168.50.200  0.0.0.0         UG    0      0        0 eth0
default         192.168.60.200  0.0.0.0         UG    0      0        0 eth1
default         192.168.70.200  0.0.0.0         UG    0      0        0 eth2
default         192.168.40.200  0.0.0.0         UG    0      0        0 eth3
}}}
 * ping 219.94.129.108 -c1
   * client:eth3 (192.168.40.100)
{{{
03:29:45.739584 IP 192.168.40.100 > 219.94.129.108: ICMP echo request, id 42515, seq 1, length 64
}}}
   * gw:eth3 (192.168.40.200)
{{{
03:29:45.773401 IP 192.168.40.100 > 219.94.129.108: ICMP echo request, id 42515, seq 1, length 64
}}}

= Ubuntu =
 * Unlike CentOS, the NIC settings are kept together in a single file
 * As for the behavior when there are multiple default routes, ~~unknown, as with CentOS~~
   * The NIC activated last becomes the default gw? (Apparently not always. Does it depend on the response from DHCPd?)
 * For a device that should not become the default GW, another approach is to run ip route del from a post-up command in the interfaces file
{{{
auto eth2
iface eth2 inet dhcp
    post-up /sbin/ip route del default dev eth2
}}}

== With multiple NICs on DHCP == #multipleDHCPUbuntu
 * In the end, every default GW obtained from DHCP is listed
 * ifconfig
{{{
eth0      Link encap:Ethernet  HWaddr 00:0c:29:xx:xx:xx
          inet addr:133.xx.xx.18  Bcast:133.51.87.255  Mask:255.255.248.0
(snip)
eth1      Link encap:Ethernet  HWaddr 00:0c:29:yy:yy:yy
          inet addr:192.168.50.128  Bcast:192.168.50.255  Mask:255.255.255.0
(snip)
eth2      Link encap:Ethernet  HWaddr 00:0c:29:zz:zz:zz
          inet addr:192.168.40.157  Bcast:192.168.40.255  Mask:255.255.255.0
(snip)
eth3      Link encap:Ethernet  HWaddr 00:0c:29:xy:zx:yz
          inet addr:192.168.0.222  Bcast:192.168.0.255  Mask:255.255.255.0
(snip)
}}}
 * ip route
{{{
192.168.50.0/24 dev eth1 proto kernel scope link src 192.168.50.128
192.168.0.0/24 dev eth3 proto kernel scope link src 192.168.0.222
192.168.40.0/24 dev eth2 proto kernel scope link src 192.168.40.157
133.51.80.0/21 dev eth0 proto kernel scope link src 133.51.81.18
default via 133.51.87.254 dev eth0
default via 192.168.0.1 dev eth3
default via 192.168.40.2 dev eth2
}}}
   * eth3 has no GW, so none is set for it

== interfaces ==
 * /etc/network/interfaces
{{{
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.50.200
    netmask 255.255.255.0
    gateway 192.168.50.1

auto eth1
iface eth1 inet static
    address 192.168.60.200
    netmask 255.255.255.0
    gateway 192.168.60.100

auto eth2
iface eth2 inet static
    address 192.168.70.200
    netmask 255.255.255.0
    gateway 192.168.70.100

auto eth3
iface eth3 inet static
    address 192.168.40.200
    netmask 255.255.255.0
    gateway 192.168.40.1
}}}
 * route
{{{
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.70.0    *               255.255.255.0   U     0      0        0 eth2
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
192.168.60.0    *               255.255.255.0   U     0      0        0 eth1
192.168.40.0    *               255.255.255.0   U     0      0        0 eth3
default         192.168.40.1    0.0.0.0         UG    100    0        0 eth3
default         192.168.70.100  0.0.0.0         UG    100    0        0 eth2
default         192.168.60.100  0.0.0.0         UG    100    0        0 eth1
default         192.168.50.1    0.0.0.0         UG    100    0        0 eth0
}}}
 * ping 219.94.129.108 -c1
{{{
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
07:56:54.264373 IP 192.168.50.200 > 219.94.129.108: ICMP echo request, id 12822, seq 1, length 64
07:56:54.284695 IP 219.94.129.108 > 192.168.50.200: ICMP echo reply, id 12822, seq 1, length 64
}}}
 1. sudo ifdown eth2; sudo ifup eth2
   * route
{{{
default         192.168.70.100  0.0.0.0         UG    100    0        0 eth2
default         192.168.40.1    0.0.0.0         UG    100    0        0 eth3
default         192.168.60.100  0.0.0.0         UG    100    0        0 eth1
default         192.168.50.1    0.0.0.0         UG    100    0        0 eth0
}}}
 1. sudo ifdown eth1; sudo ifup eth1
   * route
{{{
default         192.168.60.100  0.0.0.0         UG    100    0        0 eth1
default         192.168.70.100  0.0.0.0         UG    100    0        0 eth2
default         192.168.40.1    0.0.0.0         UG    100    0        0 eth3
default         192.168.50.1    0.0.0.0         UG    100    0        0 eth0
}}}
   * ping 219.94.129.108 -c1
{{{
08:01:24.453913 IP 192.168.50.200 > 219.94.129.108: ICMP echo request, id 42262, seq 1, length 64
08:01:24.475447 IP 219.94.129.108 > 192.168.50.200: ICMP echo reply, id 42262, seq 1, length 64
}}}
 1. sudo ifdown eth0; sudo ifup eth0
   * route
{{{
default         192.168.50.1    0.0.0.0         UG    100    0        0 eth0
default         192.168.60.100  0.0.0.0         UG    100    0        0 eth1
default         192.168.70.100  0.0.0.0         UG    100    0        0 eth2
default         192.168.40.1    0.0.0.0         UG    100    0        0 eth3
}}}
   * ping 219.94.129.108 -c1
{{{
08:02:22.346792 IP 192.168.50.200 > 219.94.129.108: ICMP echo request, id 56854, seq 1, length 64
08:02:22.368070 IP 219.94.129.108 > 192.168.50.200: ICMP echo reply, id 56854, seq 1, length 64
}}}

== route command ==
 * Routes added with the route command are kept separately from those added by the ifup command
 1. sudo route add default gw 192.168.40.1
 1. sudo route add default gw 192.168.50.1
 1. sudo route add default gw 192.168.60.100
 1. sudo ifdown eth2; sudo ifup eth2
 1. sudo ifdown eth0; sudo ifup eth0
   * route
{{{
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.70.0    *               255.255.255.0   U     0      0        0 eth2
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
192.168.60.0    *               255.255.255.0   U     0      0        0 eth1
192.168.40.0    *               255.255.255.0   U     0      0        0 eth3
default         192.168.60.100  0.0.0.0         UG    0      0        0 eth1
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth0
default         192.168.40.1    0.0.0.0         UG    0      0        0 eth3
default         192.168.50.1    0.0.0.0         UG    100    0        0 eth0
default         192.168.70.100  0.0.0.0         UG    100    0        0 eth2
}}}
   * ping 219.94.129.108 -c1
{{{
08:35:41.384666 IP 192.168.50.200 > 219.94.129.108: ICMP echo request, id 39704, seq 1, length 64
}}}
 * A further ifdown/ifup adds its default route as well
 1. sudo ifdown eth1; sudo ifup eth1
{{{
default         192.168.60.100  0.0.0.0         UG    0      0        0 eth1
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth0
default         192.168.40.1    0.0.0.0         UG    0      0        0 eth3
default         192.168.60.100  0.0.0.0         UG    100    0        0 eth1
default         192.168.50.1    0.0.0.0         UG    100    0        0 eth0
default         192.168.70.100  0.0.0.0         UG    100    0        0 eth2
}}}
   * However, packets actually still go out through eth0
   * ping 219.94.129.108 -c1
{{{
08:37:52.757894 IP 192.168.50.200 > 219.94.129.108: ICMP echo request, id 52248, seq 1, length 64
}}}
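
The multiple-default-route sections above leave the selection rule open, which means traffic can leave through an interface nobody intended. As an added example (not part of the original page), the shell functions below parse `ip route show` output and report every metric that is shared by more than one default route; the function names are hypothetical, and the sample text is constructed from the Ubuntu DHCP `ip route` output on this page.

```shell
#!/bin/sh
# Added example: find default routes that tie on metric, i.e. the state in
# which this page could not predict the egress interface.

# Reads `ip route show` text on stdin.
# Prints one line per default route: "<metric> <gateway> <dev>".
list_defaults() {
    awk '$1 == "default" {
        gw = "-"; dev = "-"; metric = 0      # no "metric" keyword means 0
        for (i = 2; i < NF; i++) {
            if ($i == "via")    gw = $(i + 1)
            if ($i == "dev")    dev = $(i + 1)
            if ($i == "metric") metric = $(i + 1)
        }
        print metric, gw, dev
    }'
}

# Reads `ip route show` text on stdin.
# Prints each metric that carries more than one default route.
# Exit status: 1 if any tie was found, 0 otherwise.
ambiguous_defaults() {
    list_defaults | awk '
        { n[$1]++; devs[$1] = devs[$1] " " $3 }
        END {
            bad = 0
            for (m in n) if (n[m] > 1) {
                printf "metric %s: %d defaults on%s\n", m, n[m], devs[m]
                bad = 1
            }
            exit bad
        }'
}

# Constructed sample, taken from the Ubuntu DHCP output shown on this page.
SAMPLE='192.168.50.0/24 dev eth1 proto kernel scope link src 192.168.50.128
133.51.80.0/21 dev eth0 proto kernel scope link src 133.51.81.18
default via 133.51.87.254 dev eth0
default via 192.168.0.1 dev eth3
default via 192.168.40.2 dev eth2'

# On a live host:  ip route show | ambiguous_defaults
# To see which route the kernel actually selects for one destination:
#   ip route get 219.94.129.108
```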