If there are 2 or more network interfaces with public IP addresses in the system, it is not enough to make correct network settings to ensure their availability from the Internet. The downside of the default routing is that all network packets will leave the host through the default gateway. And at the same time, it doesn’t matter which of the interfaces they got initially. In this tutorial, we will configure the availability of multiple network interfaces from the outside in CentOS 8 using source-based routing.
Cloud servers in Serverspace have the ability to automatically configure network interfaces the moment they are added or a server is created. Therefore, if used, proceed to the next step. Otherwise, first you need to register the correct parameters of the network interfaces.
You can copy the configuration below and replace the following values with your own:
Configure all network interfaces in the same way. GATEWAY for the second, third, etc. interfaces are not specified, since this is the default gateway and there should only be one.
We will configure policy-based routing using network-scripts , so we will disable NetworkManager and related services:
systemctl mask NetworkManager.service
systemctl stop NetworkManager.service
systemctl mask NetworkManager-wait-online.service
systemctl mask NetworkManager-dispatcher.service
Install the network-scripts package
dnf install network-scripts
Let’s start the network service:
systemctl enable network
systemctl start network
Let’s check if the iproute package is present . If not, install it.
dnf install iproute
Let’s create new tables for configuring routing policies.
Add records to the end of the file:
Each row is a new table. Record format – priority space table name . These values must be unique relative to other entries in the file. The priority is numeric, and the table name can contain letters. Add as many new tables as there are interfaces you are customizing.
The following files will show the routing settings. For each interface, you need to create a pair of files: rule-eth-name , route-eth-name , where eth-name should be replaced with the name of the interface. Example for enp0s5 interface :
Insert the following line into it with the current IP address instead of 184.108.40.206 and the name of the table created in the previous step instead of 300:
from 220.127.116.11 lookup 300
We replace 18.104.22.168/24 with the address of our subnet, enp0s5 with the name of the interface, 300 with the name of the corresponding table, and 22.214.171.124 with the gateway for routing traffic and insert it into the open file:
126.96.36.199/24 dev enp0s5 table 300
default dev enp0s5 via 188.8.131.52 table 300
After creating such files for each network interface, restart the network service and our goal is achieved.
systemctl restart network