Centos 6.2 Fresh ‘Basic Server’ install networking issues

centos6.2gatewaynetworkingroutingstatic-routes

I've had a /29 provisioned on a network port for a server and am trying to at least configure the machine so I can ssh into it. It's Centos 6.2 x64 with the Basic Server install. Currently not able to ping gateway or any address for that matter.

For reference:

Default Interface: em2
Network ID: 66.*.*.0/29
Gateway: 66.*.*.1
Broadcast: 66.*.*.7

Please see my following configs:

/etc/sysconfig/network-scripts/ifcfg-em2

DEVICE=em2
NM_CONTROLLED=yes
ONBOOT=yes
HWADDR=Not Important
TYPE=Ethernet
BOOTPROTO=none
IPADDR=66.*.*.2
PREFIX=29
DNS1=8.8.8.8
DNS2=8.8.4.4
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System em2"
NETMASK=255.255.255.248
USERCTL=no

$: route -n
Destination // Gateway // Genmask // Flags // Metric // Ref // Use // Iface
66.*.*.0       0.0.0.0    255.255.255.248   U   0   0     0  em2
169.254.0.0    0.0.0.0    255.255.0.0       U   0   1003  0  em2
0.0.0.0        66.*.*.1   0.0.0.0           UG  0   0     0  em2

$: route
Destination // Gateway // Genmask // Flags // Metric // Ref // Use // Iface
66.*.*.0       *          255.255.255.248   U   0   0     0  em2
link-local     *          255.255.0.0       U   0   1003  0  em2
default        66.*.*.1   0.0.0.0           UG  0   0     0  em2

$: cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=excalibur.domain.com
GATEWAY=66.*.*.1

Keep in mind that I cannot even currently ping the gateway which is quite confusing for me. My /etc/hosts are configured correctly with the *.2 address. I'm not concerned with getting all of the addresses on the /29 up and running yet, just one so I can at least ssh in.

Thanks!

Edit: Adding in ifconfig.

$: ifconfig

em2     Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX
        inet addr:66.*.*.2  Bcat:66.*.*.7  Mask:255.255.255.248
        inet6 addr: 
        UP BROADCAST RUNNING MULTICAST  MTU:1500 Metric:1
        RX packets:5536 errors:0 dropped:0 overruns:0 frame:0
        TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
        collisions:0 txqueuelen:1000
        RX bytes:2599469 (2.4 MiB)  TX bytes: 748 (748.0 b)
        Interrupt:48 Memory:dc000000-dc012800

lo      Link encap:Local Loopback
        inet addr:127.0.0.1  Mask:255.0.0.0
        inet6 addr: ::1/128 Scope:Host
        UP LOOPBACK RUNNING MTU:16436 Metric:1
        RX packets:34 errors:0 etc etc

Best Answer

Your routes and configuration look fine. 

$: route -n
Destination // Gateway // Genmask // Flags // Metric // Ref // Use // Iface
66.*.*.0       0.0.0.0    255.255.255.248   U   1003      0   0     0  em2
0.0.0.0        66.*.*.1   0.0.0.0           UG     0      0   0     0  em2

The first route, 66.*.*.0/29 with gateway 0.0.0.0 tells your computer to use interface em2 and then make an arp request to find the hardware address of the host you're trying to reach. This is a "connected" route.

The second one is the default route, pointing at your default gateway through em2. If you need to send a packet in another network than 66.*.*.0/29, your computer will make an arp request to find 66.*.*.1 and then send the packets to it.

The only thing in your configuration that could be an issue is the NM_CONTROLLED=yes statement in /etc/sysconfig/network-scripts/ifcfg-em2. This tells the system that this interface is controlled by NetworkManager. This could interfere with your static configuration.

However, even without any default gateway you should be able to ping and ssh from the 66.*.*.0/29 subnet to your machine.

Check layer 1 first, and ensure that the cable is plugged on each side. Use leds on nic and switch, and check if the system sees it correctly:

# mii-tool
eth0: negotiated 1000baseT-FD flow-control, link ok

Then verify if any iptables are dropping the packets. Use iptables -L or iptables-save to check for any rules, and iptables -D <rule> to delete them. Pay attention to the default policy.

Also, on some systems, NetworkManager can configure ufw automatically, and I've had issues with static interface configuration that wasn't seen by NM and hence blocked by ufw.

Related Topic