Your routes and configuration look fine.
$: route -n
Destination // Gateway // Genmask // Flags // Metric // Ref // Use // Iface
66.*.*.0 0.0.0.0 255.255.255.248 U 1003 0 0 0 em2
0.0.0.0 66.*.*.1 0.0.0.0 UG 0 0 0 0 em2
The first route, 66.*.*.0/29
with gateway 0.0.0.0
tells your computer to use interface em2
and then make an arp request to find the hardware address of the host you're trying to reach. This is a "connected" route.
The second one is the default route, pointing at your default gateway through em2
. If you need to send a packet in another network than 66.*.*.0/29
, your computer will make an arp request to find 66.*.*.1
and then send the packets to it.
The only thing in your configuration that could be an issue is the NM_CONTROLLED=yes
statement in /etc/sysconfig/network-scripts/ifcfg-em2
. This tells the system that this interface is controlled by NetworkManager
. This could interfere with your static configuration.
However, even without any default gateway you should be able to ping and ssh from the 66.*.*.0/29
subnet to your machine.
Check layer 1 first, and ensure that the cable is plugged on each side. Use leds on nic and switch, and check if the system sees it correctly:
# mii-tool
eth0: negotiated 1000baseT-FD flow-control, link ok
Then verify if any iptables
are dropping the packets. Use iptables -L
or iptables-save
to check for any rules, and iptables -D <rule>
to delete them. Pay attention to the default policy.
Also, on some systems, NetworkManager
can configure ufw automatically, and I've had issues with static interface configuration that wasn't seen by NM
and hence blocked by ufw
.
For any network device which is not my default gateway, I usually set the default route flag to no:
DEFROUTE="no"
This seems to work without any issues for my servers with multiple network interfaces. If you then restart your network service or interfaces, you should be able to check the routes to see that this is actually working:
/sbin/route -n
Hopefully this helps.
Best Answer
I have found a workaround, not ideal but it works. Basically after the system boots run a script that brings the network interface down and then back up again.
Here is the script:
I then created a systemd service and a timer to accomplish the rest, I use a timer to run the service 45 seconds after the system boots. I reckon I could go down to 25 seconds but boot time is not important to me and I want to wait for the interface to be brought up naturally with takes about 15 seconds itself.
The service, called internet.service:
The timer, called internet.timer:
Then all that needs to be done is setting the timer to be enabled
systemctl enable internet.timer
Then when my system boots after the 45 seconds I get a nice
br0: port(enp0s25) entered forwarding state
message on the console which lets me know everything is working as it should be.As I said initially, not an ideal solution but it works