Public IP Gateway not reachable after creating bond

Issues related to configuring your network
Post Reply
smallbit
Posts: 2
Joined: 2015/02/12 09:59:37

Public IP Gateway not reachable after creating bond

Post by smallbit » 2015/02/12 11:10:46

Hello, to all,

I am new in her and hope, in spite of my bad knowledge of CentOS (and also my bad english), that I can support this community at all and get help also for my problems.
Also I am not a network administrator, so my knowledge about networking is poor (and this is a real understatement)

First of all, I am not using CentOS 5, but RHEL 5. Because they are very similar, I have a question with a networking problem, that I can not solve by myself, but possibly could be solved here.

Here in my company I have a (the last) RHEL 5 Server (all other are running with RHEL 6).
Unfortunately this server had an public IP, which now changed due network issues.
The server has two 1gbit NICs (eth0 and eth1), which have been added as slaves to our bond0 with a private IP. This network works well.
In the past we had on the same NICs a second bond, bond0.1204 (now it is named bond0.10), which had a public IP. With this public IP we were connected to another server out of our company using a VPN with a sec key.

Because we had to give up the old public IP, we had to implement another one with another network range.
I replaced all the entries in the bond0.1204, route0.1204, sec-key, restarted the network (service network restart) and to my surprise there was no connection to the public gateway, also to the WAN (f.e. yum update do not get a connection). The private network is still working. If I disable the public network (ifdown / rename ifcfg-files / service network restart) the public gateway is reachable via ping/traceroute, WAN works (yum update successfull).

I created other bond-configurations, vlan, virtual slave
I tried serveral solution, which I found in the web, but none of them are working for me. At this time I am totally confused, So I am asking here for help.
I created other bond-configurations, vlan, virtual slaves on so on, Now I have this configuration, which still is not working:

My configuration:
in /etc/sysconfig/network-scripts/

[ifcfg-eth0]
# Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet
DEVICE=eth0
TYPE=Ethernet
ONBOOT=no
NM_CONTROLLED=no
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
USERCTL=no


[ifcfg-eth1]
# Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet
DEVICE=eth1
TYPE=Ethernet
ONBOOT=no
NM_CONTROLLED=no
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
USERCTL=no

[ifcfg-bond0]
DEVICE=bond0
USERCTL=no
BOOTPROTO=none
ONBOOT=yes
IPADDR=10.72.12.240
NETMASK=255.252.0.0
# NETWORK=10.72.0.0
GATEWAY=10.72.0.1
TYPE=BOND
IPV6INIT=no
DNS1=10.74.0.2
DNS2=10.74.0.4
DOMAIN=xxx2.xxxxxxxx.net

[ifcfg-bond0.10]
# Please read /usr/share/doc/initscripts-*/sysconfig.txt
# for the documentation of these parameters.
GATEWAY=178.yyy.zzz.65
TYPE=BOND
DEVICE=bond0.10
BOOTPROTO=none
NETMASK=255.252.255.192
IPADDR=178.yyy.zzz.114
DOMAIN=xxx2.xxxxxxxx.net
ONBOOT=yes
USERCTL=no
IPV6INIT=no

[ifcfg-dummy0]
# Please read /usr/share/doc/initscripts-*/sysconfig.txt
# for the documentation of these parameters.
GATEWAY=178.yyy.zzz.65
TYPE=Ethernet
DEVICE=dummy0
HWADDR=ff:ff:.....
BOOTPROTO=none
NETMASK=255.255.255.192
IPADDR=178.yyy.zzz.114
ONBOOT=yes
USERCTL=no
IPV6INIT=no
PEERDNS=yes

not really necessary, WAN isn't reachable, if I delete this file
[ifcfg-ipsec0]
TYPE=IPSEC
AH_PROTO=none
ONBOOT=yes
IKE_PSK=<secret key>
IKE_ENC=3des
IKE_AUTH=md5
#IKE_CERTFILE=
#IKE_PEER_CERTIILE=
#IKE_DNSSEC=yes
ESP_PROTO=3des
SRCGW=178.yyy.zzz.84
DSTGW=194.mmm.nnn.176
SRCNET=178.yyy.zzz.64/26
DSTNET=194.ooo.ppp.128/30
DST=194.mmm.nnn.176
SPI_ESP_IN=
SPI_AH_IN=
SPI_ESP_OUT=
SPI_AH_OUT=

[route-bond0]
ADDRESS0=10.0.0.0
NETMASK0=255.0.0.0
GATEWAY0=10.72.0.1
NETMASK1=255.255.255.255
GATEWAY1=10.74.0.157

[route-bond0.10]
194.ooo.ppp.128/30 via 178.yyy.zzz.84 src 178.yyy.zzz.114


ip a:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether e6:1f:13:25:c5:8b brd ff:ff:ff:ff:ff:ff
inet 169.aaa.bbb.120/24 brd 169.aaa.bbb.255 scope global usb0
inet6 ff.........../64 scope link
valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 qlen 1000
link/ether ff...... brd ff:ff:ff:ff:ff:ff
4: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 qlen 1000
link/ether ff....... brd ff:ff:ff:ff:ff:ff
5: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether ff........ brd ff:ff:ff:ff:ff:ff
inet 10.72.12.240/14 brd 10.75.255.255 scope global bond0
inet6 .........../64 scope link
valid_lft forever preferred_lft forever
7: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
8: dummy0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether ff....... brd ff:ff:ff:ff:ff:ff
inet 178.yyy.zzz.114/26 brd 178.yyy.zzz.127 scope global dummy0
inet6 fff............/64 scope link
valid_lft forever preferred_lft forever
9: bond0.10@bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether ff......... brd ff:ff:ff:ff:ff:ff
inet 178.yyy.zzz.114/26 brd 178.yyy.zzz.127 scope global bond0.10
inet6 ff.........../64 scope link
valid_lft forever preferred_lft forever


I would be happy, if somebody could help me.

Thanks in advance

Christian

smallbit
Posts: 2
Joined: 2015/02/12 09:59:37

Re: Public IP Gateway not reachable after creating bond

Post by smallbit » 2015/02/25 13:44:18

2 parts of the problem solved.

First: Switch was not correct configured for vlan.
Now the bond is working after adjusting the switch.

Second:
Dummy was also not working in spite of a correct configured switch.
First I checked the /etc/modprobe.conf for the entries
alias dummy0 dummy
options dummy numdummies=1

and also in /sys/class/net the directory dummy0.

Entries were correct, I proceeded with checking the entry in
/etc/sysconfig/networking/devices the ifcfg-dummy0
again.

Solution was, that in the directory /etc/sysconfig/networking/devices the ifcfg-dummy0 was not created.
I copied from etc/sysconfig/network-scripts the ifcfg-dummy0 to /etc/sysconfig/networking/devices, afterwards I executed "ifdown dummy0" then "ifup dummy0".

Now the ping responses as expected.

Now I have some issues with the VPN, but this could be a new thread.

Post Reply