How to configure ubuntu server with 2 NICs, and 2 Gateways (2nd as a failover)?
Solution 1
From what I can gather, you're looking for a solution to your problem more than a learning experience. I'd personally suggest you take a look at NIC bonding.
Does exactly what it says on the tin. Provides redundancy and an increase in performance.
Link Aggregation and High Availability with Bonding
Solution 2
If advanced routing is a bit difficult for you then I would not recommend this approach.
The problem is that by default each DHCP lease will claim the default route and also update the list of DNS servers. Then there is the firewall issue: how to detect when it is down, etc.
Buying a cheap and easy to configure router might just be better for you.
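The two problems this answer names (both DHCP leases claiming the default route, and detecting when a firewall is down), as an added shell example that is not part of the original answers. The 192.0.2.x addresses stand in for the masked xx.xx.xx.1 and xx.xx.xx.2, and the function names and metric values are assumptions.

```shell
#!/bin/sh
# Added example, not from the original answers. Assumed stand-ins for the
# masked addresses: 192.0.2.1 = firewall 1 (eth0), 192.0.2.2 = firewall 2 (eth1).
PRIMARY_GW=192.0.2.1;   PRIMARY_IF=eth0
SECONDARY_GW=192.0.2.2; SECONDARY_IF=eth1

# Constructed `ip route show default` output: both DHCP leases installed a
# default route with no metric, so neither one is preferred.
SAMPLE_CONFLICT='default via 192.0.2.1 dev eth0
default via 192.0.2.2 dev eth1'
# Constructed output after giving the backup route a higher metric.
SAMPLE_OK='default via 192.0.2.1 dev eth0 metric 100
default via 192.0.2.2 dev eth1 metric 200'

# Read route lines on stdin; print "<metric> <count>" for every metric that
# more than one default route shares (a missing metric counts as 0).
conflicting_metrics() {
    awk '$1 == "default" {
             m = 0
             for (i = 2; i < NF; i++) if ($i == "metric") m = $(i + 1)
             n[m]++
         }
         END { for (m in n) if (n[m] > 1) print m, n[m] }'
}

# A gateway is "up" if it answers one ping sent out of its own interface.
gw_alive() { ping -c 1 -W 2 -I "$2" "$1" >/dev/null 2>&1; }

# $1/$2 = up|down for primary/secondary. Prefer the primary whenever it is
# up, so traffic moves back to eth0 once firewall 1 recovers.
pick_gateway() {
    if [ "$1" = up ]; then echo "$PRIMARY_GW $PRIMARY_IF"
    elif [ "$2" = up ]; then echo "$SECONDARY_GW $SECONDARY_IF"
    else return 1
    fi
}

# Print the iproute2 command that makes $1 via $2 the preferred default route.
# Assumes the DHCP-installed defaults carry metrics above 50, as in SAMPLE_OK.
route_cmd() { echo "ip route replace default via $1 dev $2 metric 50"; }

# Run with --check (e.g. from cron) to probe both gateways and print the command.
if [ "${1:-}" = "--check" ]; then
    p=down; s=down
    gw_alive "$PRIMARY_GW" "$PRIMARY_IF" && p=up
    gw_alive "$SECONDARY_GW" "$SECONDARY_IF" && s=up
    choice=$(pick_gateway "$p" "$s") || { echo "both gateways down" >&2; exit 1; }
    route_cmd $choice
fi
```

A ping to the gateway only shows that the firewall itself answers, not that its upstream Internet connection works.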
Daniel Upton
Updated on September 18, 2022
Comments
-
Daniel Upton almost 2 years
Here is a basic overview of the network configuration for one of our servers:
[Datacenter]
[Internet Connection #1] >> [Firewall 1 (xx.xx.xx.1)] >> [Server (xx.xx.xx.10)]
                         >> [Firewall 2 (xx.xx.xx.2)] >> [Server (xx.xx.xx.10)]
[Internet Connection #2] >> [Firewall 1 (xx.xx.xx.1)] >> [Server (xx.xx.xx.10)]
                         >> [Firewall 2 (xx.xx.xx.2)] >> [Server (xx.xx.xx.10)]
The server is a hypervisor and the Ubuntu machine I'm having trouble with is a VM.
The VM has 2 network interfaces (one on each network) and the IP addresses etc. are all configured by DHCP running on the firewalls. So here's where we're at:
eth0 gets a DHCP lease and is assigned IP address: xx.xx.xx.143
eth1 gets a DHCP lease and is assigned IP address: xx.xx.xx.243
However, I am unsure where to go from here.
The problem is when I:
ping google.com
It hangs and times out; this can be resolved by disconnecting a NIC.
I am pretty sure this is an issue with routing. I have seen a few tutorials on advanced routing and "the water's a bit deep for me!"
Can anyone provide me descriptive steps on how to configure this? I should also note that the Ubuntu server should use xx.xx.xx.1 as the default gateway and by default all traffic should happen on eth0, but if the firewall goes down it should use xx.xx.xx.2 and eth1 instead.
-
Daniel Upton over 12 years
I should clarify: I'm a learn-by-doing kinda guy. And I'm not against advanced routing at all, I'd just like somebody to explain this kind of configuration. That way I learn and then the next person like me has a place to go to learn too!
-
Daniel Upton over 12 years
Thanks, does bonding work with multiple gateways?
-
Daniel Upton over 12 years
Sorry, perhaps the downvote was a bit harsh on my part!
-
Jake over 12 years
Bonding will make the two NICs act as one. What are your reasons for multiple gateways? Redundancy? The advanced routing is going to be a nightmare either way, but if it's not for redundancy...
-
Jake over 12 years
If you choose multiple NICs you can use the route command and manually add in routes to specific networks from each interface. You will also need the IP for the router that knows of the other network. For instance, if I know that 192.168.100.1 knows about the 10.10.10.0 network, I could use the command
route add -net 10.10.10.0 netmask 255.255.255.0 gw 192.168.100.1
Of course, for this to work, the other side will need to know how to route packets back to you. The default gateway, though, is where your computer will send any packet that it does not have route information for.
-
mpez0 over 12 years
I suggest not using DHCP inside the DMZ. The convenience/security tradeoff between the firewalls is different than for the interior network. Diagram the network for yourself, including addresses.