Normally, a Linux host with multiple network interfaces has a single default gateway through which all traffic is routed. Anything else produces asymmetric routing in the system, and routers may discard the packets.
To avoid this problem, all current Linux distributions include the package "iproute2", which is generally already installed. As already mentioned, a Linux system normally has only one routing table with only one default gateway. "iproute2" makes it possible, on the one hand, to create additional routing tables and, on the other hand, to have the system use them based on rules.
It is assumed that the system has the two interfaces enp0s3lf6 and wpl5s0. The two networks to be used have the addresses 192.168.0.0/24 and 172.10.0.0/24. In each case, the .1 represents the gateway of the respective network. In Debian or Ubuntu, the initial configuration of the network in /etc/network/interfaces would look like this:
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug enp0s3lf6
iface enp0s3lf6 inet static
    address 192.168.0.10
    netmask 255.255.255.0
    gateway 192.168.0.1
# The secondary network interface
allow-hotplug wpl5s0
iface wpl5s0 inet static
    address 172.10.0.10
    netmask 255.255.255.0
Additional routing tables are declared in the file /etc/iproute2/rt_tables, which must be modified accordingly. We give our new routing table the name "srvnet" and the table ID 1.
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
1 srvnet
The new routing table and the rules for using it are then created as follows:
ip route add 172.10.0.0/24 dev wpl5s0 src 172.10.0.10 table srvnet
ip route add default via 172.10.0.1 dev wpl5s0 table srvnet
ip rule add from 172.10.0.10/32 table srvnet
ip rule add to 172.10.0.10/32 table srvnet
The first two lines specify that the network 172.10.0.0/24 can be reached via the interface wpl5s0 and that the default gateway of this table is located on this interface. The two rules in lines 3 and 4 specify that traffic coming from the IP address 172.10.0.10 as well as traffic going to this IP address must always use the routing table srvnet.
After a restart of the system, the routes and rules created with "ip route" and "ip rule" are lost again. To prevent this, the commands can be entered permanently in the network configuration with the parameter "post-up" in the file /etc/network/interfaces. The routing is then configured each time the interface is initialized.
iface wpl5s0 inet static
    address 172.10.0.10
    netmask 255.255.255.0
    post-up ip route add 172.10.0.0/24 dev wpl5s0 src 172.10.0.10 table srvnet
    post-up ip route add default via 172.10.0.1 dev wpl5s0 table srvnet
    post-up ip rule add from 172.10.0.10/32 table srvnet
    post-up ip rule add to 172.10.0.10/32 table srvnet
If more than two network interfaces exist, repeat this procedure for each additional interface as described.
As soon as DHCP with dynamic address allocation is used, this solution no longer works as shown, because the IP address is not known at the time the interface is configured. Here, too, a script called via "post-up" provides a remedy:
iface wpl5s0 inet dhcp
    post-up /etc/network/if-up.d/routeaddWlan
To do this, create the following bash script in /etc/network/if-up.d/.
# vi /etc/network/if-up.d/routeaddWlan
#!/bin/bash
set -e
# Wireless interface: the interface whose name starts with "wl"
INTERFACE=$(ip addr show | grep -e ':\s*wl' | awk '{print $2}' | cut -d: -f 1)
# IPv4 address assigned to the interface by DHCP
IP=$(ip addr show dev "$INTERFACE" | grep 'inet ' | awk '{print $2}' | cut -d/ -f 1)
# Default gateway learned via DHCP on this interface
GATEWAY=$(ip route show | grep 'default' | grep "$INTERFACE" | awk '{print $3}')
# Network address: gateway with the last octet set to 0 (assumes a /24 network)
SUBNET=$(echo "$GATEWAY" | sed 's/\.[0-9]*$/.0/')
ip route add "$SUBNET/24" dev "$INTERFACE" src "$IP" table srvnet
ip route add default via "$GATEWAY" dev "$INTERFACE" table srvnet
ip rule add from "$IP/32" table srvnet
ip rule add to "$IP/32" table srvnet
The script determines the DHCP-assigned IP address, the subnet (assumed to be a /24 network) and the gateway, and passes these values to the ip commands. It then executes the ip commands, so that they no longer have to be kept in /etc/network/interfaces.
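The script above derives the subnet from the gateway and assumes a /24 network. The following added example (not part of the original article) computes the network from the address and prefix length reported by `ip -o -4 addr show`, for any prefix length, and only prints the four commands; the function names, the sample line and the gateway 172.10.0.129 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: build the four policy-routing commands from an address in
# CIDR notation, computing the network for any prefix length (not only /24).
# Function names are hypothetical; the commands are printed, not executed.

# Dotted quad -> 32-bit integer (subshell body keeps IFS changes local).
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# network_of ADDRESS/PREFIX prints NETWORK/PREFIX.
network_of() (
    addr=${1%/*}
    prefix=${1#*/}
    mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    n=$(ip_to_int "$addr")
    net=$(( n & mask ))
    echo "$(int_to_ip "$net")/$prefix"
)

# policy_commands DEV ADDRESS/PREFIX GATEWAY TABLE
policy_commands() (
    dev=$1 cidr=$2 gw=$3 table=$4
    addr=${cidr%/*}
    echo "ip route add $(network_of "$cidr") dev $dev src $addr table $table"
    echo "ip route add default via $gw dev $dev table $table"
    echo "ip rule add from $addr/32 table $table"
    echo "ip rule add to $addr/32 table $table"
)

# Constructed sample line in the format of `ip -o -4 addr show dev wpl5s0`;
# the /25 lease and the gateway 172.10.0.129 are made-up values.
SAMPLE='3: wpl5s0    inet 172.10.0.137/25 brd 172.10.0.255 scope global dynamic wpl5s0'
CIDR=$(echo "$SAMPLE" | awk '{print $4}')
policy_commands wpl5s0 "$CIDR" 172.10.0.129 srvnet
```

For the sample lease the first printed command uses 172.10.0.128/25, a network that cannot be obtained by editing the last octet of the gateway address.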
The ip command provides some parameters that can be used to display the routing tables and rules.
ip route ls table 0
shows all currently existing routing tables including their contents. Alternatively, a single table can be listed by name:
ip route ls table srvnet
In contrast,
ip rule show
or
ip rule ls
show all rules, which indicate when which routing table is used. The rules are processed until a route is found.