DEFROUTE vs GATEWAY in RHEL7

Question

I've disabled Network Manager and I'm using ifcfg- scripts for network configuration. And I'm trying to find the difference between DEFROUTE="yes" and GATEWAY options.

I understand that "ifcfg files are parsed in numerically ascending order, and the last GATEWAY directive to be read is used to compose a default route in the routing table." as per RHEL documentation. But how is DEFROUTE used?

For instance ifcfg-em1 has DEFROUTE="yes" and the GATEWAY options specified. And ifcfg-em2 has only GATEWAY option. And I see that ifcfg-em2 GATEWAY is being added to the routing table as a default gateway. What is the reason to have DEFROUTE at all?

Thanks,
Best regards,
Roman

Answer 1

As per RHEL7 documentation:

In dynamic network environments, where mobile hosts are managed by NetworkManager, gateway information is likely to be interface specific and is best left to be assigned by DHCP. In special cases where it is necessary to influence NetworkManager's selection of the exit interface to be used to reach a gateway, make use of the DEFROUTE=no command in the ifcfg files for those interfaces which do not lead to the default gateway.

So DEFROUTE statement is only used by NetworkManager.

Answer 2

Assume that you have two network cards.

You have provided the IP, subnet and gateway in both network cards; now the system uses both cards to reach the destination.

When you put "DEFROUTE=yes" on one card, then the system uses that card to reach every unknown destination.

Answer 3

The DEFROUTE option determines whether the interface is used to reach the default gateway. If DEFROUTE is set to "yes", the interface is used to reach the default gateway. If DEFROUTE is set to "no", the interface is not used to reach the default gateway.

In your example, ifcfg-em2 has only the GATEWAY option specified, so it is used as the default gateway. If DEFROUTE is set to "yes" in ifcfg-em1, it will also be used to reach the default gateway, but it will not be set as the default gateway itself.

It is important to note that the DEFROUTE option only affects the default gateway and does not affect the routing of other traffic. If you want to control the routing of specific traffic through a particular interface, you can use the "ROUTE" option in the ifcfg file for that interface.

Answer 4

the right answer for this questions is: "seems legit"

Alright, we all know what DEFROUTE means (DEFault ROUTE)

What we don't know is: if in an ifcfg-interface there is a GATEWAY= declaration, then a default route is added to the operating system on ifup interface

What DEFROUTE does is double check this GATEWAY declaration and really add the default route or not add it.

These things and this logic is implemented in /etc/sysconfig/network-scripts/network-functions

[afk@yatebts.com ~]# grep GATEWAY /etc/sysconfig/network-scripts/network-functions
    if [ -n "${GATEWAY}" -a "${GATEWAY}" != "none" ] ; then
        dev=$(LC_ALL=C /sbin/ip route get to "${GATEWAY}" 2>/dev/null | \
            GATEWAYDEV="$dev"
# FIXME: This function doesn't support some newer features (GATEWAY in ifcfg,
    if [ "$GATEWAYDEV" != "" -a -n "${GATEWAY}" -a \
             "${GATEWAY}" != "none" ]; then
            if [ "$GATEWAY" = "0.0.0.0" ]; then
                /sbin/ip route add default dev ${GATEWAYDEV}
                /sbin/ip route add default via ${GATEWAY}
[afk@yatebts.com ~]#