In my server, I have two ethernet cards:

  • enp0s17, local IP 192.168.0.7, router's public address x.x.x.x, netmask 255.255.255.255
  • enp0s18, local IP 172.16.0.7, router's public address y.y.y.y, netmask 255.255.255.0

On both networks, any incoming traffic of the two public IPs is routed to the server. So, actually any SSH, HTTP etc. going to x.x.x.x should be forwarded to 192.168.0.7 and any traffic to y.y.y.y should be forwarded to 172.16.0.7.

Unfortunately, this is only working for one of them at once. Sometimes (after dis- and reconnecting the server to the internet, e.g. after a reboot) this works for enp0s17 and sometimes for enp0s18, but never for both at the same time. (So, both routers are routing properly; it seems to be an issue of the server.)

The same issue applies to outgoing traffic, tested with `curl --interface enp0s1X ...`.

On the other hand, any local traffic is routing properly. In both networks, the server is always available on its local IPs.

Does anyone have an idea what might cause this issue or how to solve it?

For testing purposes I completely disabled the firewall, so this shouldn't be the problem.

(Both interfaces are using IPv6 prefix delegation too but I just left it out as it's working properly.)

Both routers are Ubiquiti EdgeRouters. IPs are statically given by the DHCP servers on the routers. Network configuration is done using netplan. Using Ubuntu 20.04.

My netplan config:

```
network:
    version: 2
    renderer: networkd
    ethernets:
       enp0s17:
          dhcp4: yes
          dhcp6: yes
       enp0s18:
          dhcp4: yes
          dhcp6: yes
```

default route:

```
default via 192.168.0.1 dev enp0s17 proto dhcp src 192.168.0.7 metric 100
default via 172.16.0.1 dev enp0s18 proto dhcp src 172.16.0.7 metric 100
172.16.0.0/16 dev enp0s18 proto kernel scope link src 172.16.0.7
172.16.0.1 dev enp0s18 proto dhcp scope link src 172.16.0.7 metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
172.18.0.0/16 dev br-b20299b5e473 proto kernel scope link src 172.18.0.1
172.19.0.0/16 dev br-ba582f6855c2 proto kernel scope link src 172.19.0.1
192.168.0.0/24 dev enp0s17 proto kernel scope link src 192.168.0.7
192.168.0.1 dev enp0s17 proto dhcp scope link src 192.168.0.7 metric 100
```

  • I'm not sure it's not the router, but what is the default route on your server? – Ron Trunk Jun 26 '20 at 12:49
  • @RonTrunk Thank you. As both routers are routing properly to the server as well as to other devices I expect it to be due to the server. Moreover, I added the route. – TheOneWithTheBraid Jun 26 '20 at 12:52

1 Answer

```
default via 192.168.0.1 dev enp0s17 proto dhcp src 192.168.0.7 metric 100
default via 172.16.0.1 dev enp0s18 proto dhcp src 172.16.0.7 metric 100
```

Your problem is you have two default routes -- you can only have one. Your incoming data is fine. But when your server sends a reply, since you have two default routes, the server alternates between the two routes, i.e., half the packets go the wrong direction.

You need to pick one interface for your default, and you will need to add explicit routes for your other networks.

Ron Trunk
  • Thank you very much. I removed the unwanted default route by `ip route delete default dev enp0s18 table main` and then followed [this excellent guide](http://www.rjsystems.nl/en/2100-adv-routing.php) to create a second route for my second interface. – TheOneWithTheBraid Jun 26 '20 at 15:46
  • @RonTrunk actually there's no load balancing between the two "default" routes: all use the first displayed. That's different from routes using the multipath route with "nexthop" syntax. – A.B Jun 26 '20 at 16:24
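
The fix described in the comments (one default route in the main table, a separate table for the second uplink selected by source address) can be derived from the routing table itself. The script below is an added example, not code from this thread or the linked guide: it reads `ip route` output (the sample is constructed from the question's table) and prints, without executing them, the commands for that layout. Table number 102 is an arbitrary assumption.

```sh
#!/bin/sh
# Constructed sample: routes copied from the `ip route` output in the question.
SAMPLE_ROUTES='default via 192.168.0.1 dev enp0s17 proto dhcp src 192.168.0.7 metric 100
default via 172.16.0.1 dev enp0s18 proto dhcp src 172.16.0.7 metric 100
172.16.0.0/16 dev enp0s18 proto kernel scope link src 172.16.0.7
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.0.0/24 dev enp0s17 proto kernel scope link src 192.168.0.7'

# plan_policy_routing [FIRST_TABLE]
# Reads `ip -4 route show` text on stdin. The first default route stays in the
# main table; for each later one it prints the commands that move it into its
# own table (FIRST_TABLE, FIRST_TABLE+1, ...; assumed unused) and select that
# table by source address. Nothing is executed.
plan_policy_routing() {
    awk -v table="${1:-101}" '
    $1 == "default" {
        gw = dev = src = ""
        for (i = 2; i < NF; i++) {
            if ($i == "via") gw = $(i + 1)
            if ($i == "dev") dev = $(i + 1)
            if ($i == "src") src = $(i + 1)
        }
        if (gw != "" && dev != "") { n++; G[n] = gw; D[n] = dev; S[n] = src }
        next
    }
    # Remember the connected subnet of each interface (kernel-added link route).
    /proto kernel/ && $2 == "dev" { net[$3] = $1 }
    END {
        for (k = 2; k <= n; k++) {
            if (S[k] == "") { printf "# skipped %s: default route has no src\n", D[k]; continue }
            printf "ip route del default via %s dev %s\n", G[k], D[k]
            # Copy the subnet route so on-link hosts are not sent to the gateway.
            if (D[k] in net)
                printf "ip route add %s dev %s src %s table %d\n", net[D[k]], D[k], S[k], table
            printf "ip route add default via %s dev %s table %d\n", G[k], D[k], table
            printf "ip rule add from %s lookup %d\n", S[k], table
            table++
        }
    }'
}

# Print the plan for the sample; on a live host: ip -4 route show | plan_policy_routing 102
printf '%s\n' "$SAMPLE_ROUTES" | plan_policy_routing 102
```

Commands applied with `ip` change only the running configuration and do not survive a reboot.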