Solved

Linux: The added route is not used by the service

Posted on 2011-09-16
11
318 Views
Last Modified: 2012-05-12
Hello everyone,

I have a tiny problem with my linux server. I added a new route manually with the command

route add -net serverip netmask 255.255.255.255 gw gatewayip

because I wanted a service to use this specific gateway for this serverip.

Problem is the service still uses the old default gw. But I can do a traceroute to the serverip and it uses the new gateway...

Do I have to clear someking of cache?

Thanks a lot for your help

Cheers,
Yves
0
Comment
Question by:Yves_
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 36549599
route add -host serverip netmask 255.255.255.255 gw gatewayip

look at netstat -rn
bind the service to the IP that will have the route you want.
you may need to use iptables rules to alter the route based on the source port.
post netstat -rn
0
 

Author Comment

by:Yves_
ID: 36549917
I just run netstat -rn

[~] # netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
255.255.255.255 0.0.0.0         255.255.255.255 UH        0 0          0 eth0
195.186.1.110 10.10.155.254   255.255.255.255 UGH       0 0          0 eth0
10.10.155.1     0.0.0.0         255.255.255.255 UH        0 0          0 eth0
10.10.155.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         10.10.155.253   0.0.0.0         UG        0 0          0 eth0

Open in new window


The IP 195.186.1.110 is the one I want the server to use a diffrent gateway... But he does not do it...
0
 
LVL 78

Expert Comment

by:arnold
ID: 36549998
What is the gateway you want it to use?
Cirrently you have a single entry that deals with access to 195.168.1.110 to be routed via 10.10.155.254.

if you traceroute to 195.168.1.110, the route should go from 10.10.155.1  to 10.10.155.254
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 

Author Comment

by:Yves_
ID: 36550080
I want the server to use the gateway 10.10.155.254 to route to 195.186.1.110.

If I do a traceroute 195.186.1.110 I get

[~] # traceroute 195.186.1.110
traceroute to 195.186.1.110 (195.186.1.110), 30 hops max, 40 byte packets
 1 10.10.155.254 (10.10.155.254)  0.35 ms  0.346 ms  0.353 ms
 2  82.136.96.1 (82.136.96.1)  28.305 ms  18.038 ms  19.871 ms
 3  bun1001-270100-dzpr210-zg.datazug.net (212.4.76.193)  7.098 ms  5.601 ms  6.45 ms
 4  gi9-7.ccr01.zrh01.atlas.cogentco.com (149.6.176.177)  6.984 ms  8.859 ms  6.259 ms
 5  te3-1.ccr01.bsl01.atlas.cogentco.com (130.117.2.146)  7.63 ms  8.946 ms  9.43 ms
 6  te3-1.ccr01.brn01.atlas.cogentco.com (154.54.39.249)  11.158 ms  8.746 ms  9.561 ms
 7  te1-4.ccr01.gva01.atlas.cogentco.com (130.117.48.201)  11.916 ms  11.988 ms  12.771 ms
 8  swisscom.gva01.atlas.cogentco.com (130.117.14.54)  16.885 ms  12.499 ms  12.63 ms
 9  i68geb-005-gig9-0.bb.ip-plus.net (138.187.130.24)  12.961 ms  12.051 ms  12.781 ms
10  po52.zhbdz09p-rtdi01.bluewin.ch (195.186.0.165)  12.95 ms  15.701 ms  12.145 ms

Open in new window


Which is correct. But the service on the server still connects thru the old gateway...
0
 
LVL 78

Accepted Solution

by:
arnold earned 250 total points
ID: 36550141
Did you restart the service after making the change?
based on the routing table, anything sent from any service on this system to 195.186.1.110 will be routed to 10.10.155.254
can you place a deny rule on 10.10.155.253 that any packet from 10.10.155.1 to 195.186.1.110 be logged to see whether any of these packets are seen there??
You could instead of adding the static route to the system, add the static route on the 10.10.155.253 router to route all packets destined to 195.186.1.110 to 10.10.155.254
You may run into a routing loop if 10.10.155.254 uses 10.10.155.253 as a default gateway.
0
 

Author Comment

by:Yves_
ID: 36550805
I shutdown the service and started it again. I also tried that for the network (/etc/init.d/network.sh restart) With the result that my routing table entrie got cleaned out...

The last idea is really good. Did not thought of that. Going to try it out soon.
0
 

Author Comment

by:Yves_
ID: 36559486
Okay, I made a rule on my router 10.10.155.253 to send all the traffic for 195.186.1.110 to 10.10.155.254 which worked out perfect.

But should this not be possible on the system directly?
0
 
LVL 78

Expert Comment

by:arnold
ID: 36561467
It should have.  not clear what might have been going on.
0
 

Author Comment

by:Yves_
ID: 36563883
any ideas how to debug? or log?
0
 
LVL 78

Expert Comment

by:arnold
ID: 36564009
You could enable logging on the 10.10.155.253 to see whether traffic from 10.10.155.1 to 195.186.1.110 was actually making its way through.
using a network monitoring tool such as wireshark on the system could shed light whether a packet destined to 195.186.1.110 was not following the routing rule you added.

IMHO, when possible, it is better to control from a central point versus trying o configure individal system with individual routes unless no other option is available.

You could use netstat -rnC to see what routing statistics are reporting.


0
 

Author Closing Comment

by:Yves_
ID: 36579498
Thanks again arnold
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question