I have a machine with 2 network interfaces on it, eth0 and eth1. I want to use interface eth0 for internet and eth1 for my intranet communication, which is connected to an internal router.

The internet connection works fine when only the interface eth0 is up and interface eth1 is down. The routing table is as shown below when eth1 is down.

```
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.24.140.1     0.0.0.0         UG    0      0        0 eth0
10.24.140.0     0.0.0.0         255.255.252.0   U     1      0        0 eth0
```

When I bring the interface eth1 up, a default routing entry is added in the routing table with Destination as 192.168.1.0 and Gateway as 0.0.0.0 and this creates problems.

Now whenever I try to ping a public domain like www.google.com, the ping results always show that the system tried to ping 192.168.1.1. Even the 'nslookup' for www.google.com results in the IP of the domain as 192.168.1.1.

I don't understand why the nslookup is failing just by bringing the eth1 up. I am no longer able to access the internet and things are getting messed up.

I have tried deleting the routing entry for 192.168.1.0, but that doesn't help. A simple reboot of the machine would add the routing entry again and things would be in a messed-up situation again.

Kindly suggest what I can try so that both the networks work fine on my machine.

Krishna Oza
  • Please explain the reason for down voting the question. – Krishna Oza May 05 '17 at 11:07
  • Don't configure a default gateway for eth1. Your DNS issues are another matter which you haven't addressed in your question. (the downvote wasn't by me, btw) – Brandon Xavier May 05 '17 at 11:24
  • @BrandonXavier I am not configuring the default gateway for `eth1`, it is getting added automatically when the interface is brought up. Also regarding down voting, I don't mind it, just wanted to learn and improve the question. – Krishna Oza May 05 '17 at 11:27
  • It would be helpful to see the routing table after both interfaces are up. And is it safe to assume you're using DHCP for eth1? A distro type would be helpful to make suggestions for patching up the routing table after eth1 is brought up. – Brandon Xavier May 05 '17 at 11:31
  • You should use `dig` instead of `nslookup`. It is the correct tool for diagnosing DNS issues. – Jenny D May 05 '17 at 12:26

1 Answer

You are seeing one symptom (DNS lookup returning the wrong IP), but confusing this with routing. Routing itself has nothing to do with your issue; DNS lookups do. The fact that this happens when you bring up a second NIC means that something on that second network is causing it.

What you need to do is find out what is going on with your DNS lookups. Somewhere you have a DNS server returning 192.168.0.1 for all of your queries.

Additionally, nslookup is not really the tool of choice for working on Linux. You should try using dig. `dig +trace google.com` will give you a full breakdown of the queries that it is making in order to resolve the IP address, and can show you where things are going wrong.

Alternatively, you can run a pcap and analyse your capture in something like Wireshark. This will show you the exact packets that are being transferred over the network and could give you some idea of what's going on.

Mark Henderson
  • Yet to try `dig`, will definitely try that. But just to clear the doubt, `DNS Lookup` doesn't need routing information, correct? Also on `Ubuntu` the `DNS` information is not cached nowadays and is always fetched from the configured `DNS` server present at `/etc/resolv.conf`. – Krishna Oza May 05 '17 at 16:12
  • DNS Lookup uses routing information insomuch as it's an IP packet, and IP needs routing if it's going outside your network. But a DNS lookup does not explicitly need routing. And I don't know about Ubuntu specifically, but yes on a normal Linux installation DNS is not cached locally. – Mark Henderson May 05 '17 at 17:02
  • About the `DNS` not requiring routing was that we can reach our default `DNS` server without any routing and the respective primary or secondary `DNS` server further takes care of routing if it fails to get a successful lookup. Correct me if I am wrong about no need of routing from machine to primary/secondary `DNS` server. – Krishna Oza May 05 '17 at 17:41
  • Correct, your client machine only needs to be able to access its configured DNS server (which may or may not need routing). Everything after that, the DNS server takes care of. – Mark Henderson May 05 '17 at 18:17
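
One way to find which resolver is handing back the bogus address, as the answer suggests: query every `nameserver` in `/etc/resolv.conf` directly with `dig` and flag any that return a non-public address for a public name. This is an added example, not code from the question or the answer; the sample resolv.conf contents and the function names are assumptions made for illustration.

```python
import ipaddress
import subprocess
import sys

# Constructed sample; the page does not show the real /etc/resolv.conf.
SAMPLE_RESOLV_CONF = """\
# written by the DHCP client after eth1 came up (assumed)
nameserver 192.168.1.1
nameserver 10.24.140.1
"""

def nameservers(resolv_conf):
    """Return the resolver addresses from resolv.conf text, in lookup order."""
    servers = []
    for line in resolv_conf.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def addresses(dig_short_output):
    """Keep only IP addresses from `dig +short` output (drops CNAME lines)."""
    found = []
    for token in dig_short_output.split():
        try:
            found.append(str(ipaddress.ip_address(token)))
        except ValueError:
            pass
    return found

def query(server, name):
    """Ask one resolver directly, bypassing the system's resolver order."""
    cmd = ["dig", "@" + server, name, "A", "+short", "+time=2", "+tries=1"]
    return addresses(subprocess.run(cmd, capture_output=True, text=True).stdout)

def suspicious(answers_by_server):
    """Map each resolver to the non-public addresses it gave for a public name."""
    flagged = {}
    for server, answers in answers_by_server.items():
        bad = [a for a in answers if not ipaddress.ip_address(a).is_global]
        if bad:
            flagged[server] = bad
    return flagged

if __name__ == "__main__":
    name = sys.argv[1] if len(sys.argv) > 1 else "www.google.com"
    with open("/etc/resolv.conf") as fh:
        results = {s: query(s, name) for s in nameservers(fh.read())}
    for server, answers in results.items():
        verdict = "SUSPICIOUS" if server in suspicious(results) else "ok"
        print(f"{server}: {answers or 'no answer'} [{verdict}]")
```

If `/etc/resolv.conf` lists only a local stub such as a loopback address, run `query()` against the upstream servers the DHCP client received on each interface instead.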