Linux – Routes bound to virtual interfaces, Debian, and how to determine specifics, after the fact


I've recently begun a new job, and have inherited an existing infrastructure with a lot of issues.

One of the issues is that the previous admin added static routes to some servers, bound to virtual interfaces, on the command line, without committing them to the server configs. I discovered this by chance, browsing the root history.

The problem I'm faced with is that the history is limited. I only have a couple of the command line entries – but not all of them. However, none of the diagnostic tools I'm familiar with will reveal what virtual interfaces routes are bound to.

To be specific, (with IP addresses mucked with for system privacy), of course:

root@web-a:/home/paul# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
14.17.24.24     10.124.74.65    255.255.255.255 UGH   0      0        0 eth0
14.17.24.23     10.124.74.65    255.255.255.255 UGH   0      0        0 eth0
18.29.146.135   10.124.74.65    255.255.255.255 UGH   0      0        0 eth0
58.21.196.19    10.124.74.65    255.255.255.255 UGH   0      0        0 eth0
10.124.74.64    0.0.0.0         255.255.255.192 U     0      0        0 eth0
0.0.0.0         10.124.74.65    0.0.0.0         UG    0      0        0 eth0

root@mweb-a:/home/paul# ip route show
14.17.24.24   via 10.124.74.65 dev eth0  src 10.124.74.73
14.17.24.23   via 10.124.74.65 dev eth0  src 10.124.74.73
18.29.146.135 via 10.124.74.65 dev eth0  src 10.124.74.73
58.21.196.19  via 10.124.74.65 dev eth0  src 10.124.74.73
10.124.74.64/26 dev eth0  proto kernel  scope link  src 10.124.74.69
default via 10.124.74.65 dev eth0

root@web-a:/home/paul# history|grep "route add"
66  2012-07-26 14:46:27 - route add -net 14.17.24.23  netmask 255.255.255.255 gw 10.124.74.65 eth0:2
67  2012-07-26 14:46:27 - route add -net 14.17.24.24  netmask 255.255.255.255 gw 10.124.74.65 eth0:2

Hopefully that came through clearly. 'route -n', 'ip route show', neither shows the actual virtual interface the route was bound to. So I have two routes that I don't know which virt interface they should go to (there are five virtual IPs on the server).

Now, an important caveat here is that I suck at routing. I understand the basics – but that's it. I've been a unix/systems admin for quite a long time, but routing has always eluded me, and I never had a need to do anything more advanced than correctly plumbing a few interfaces.

What I'm getting at is that I don't even know if it matters that the routes be bound to specific virtual interfaces. Judging by the output, I suspect that since everything is going out through the same gateway, (and all the virtual interfaces are on the same 10.124.74 network), then they don't need to be bound to individual virt interfaces – I'd think they could just be bound to the physical interface.

I'm not willing to operate on the principle of "it should be fine", however.

Help with clarity would be most appreciated.

Best Answer

Virtual interfaces (i.e. eth0:0) are a hack created in order to support multiple IP addresses on a single interface in ifconfig. They don't really exist -- they're just how you tell ifconfig which IP address you want to modify. The kernel and the iproute2 tools (i.e. ip) don't know about these virtual interfaces, which is why everything only mentions the real interface. The route command may have used the virtual interface to determine the source address to use, but otherwise would have just dropped it.

You should rather work with the ip tool, which supports multiple addresses on an interface, and use the src parameter to ip route if you need to set a specific source address for a route.
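As an added example (not part of the original answer): `ip -o -4 addr show` prints the ifconfig-style label next to each address, so the `src` shown by `ip route show` can be matched back to an alias and each route re-created with an explicit `src`. The sample input is constructed, and pairing 10.124.74.73 with `eth0:2` is an assumption; `map_routes` and the sample functions are hypothetical names.

```shell
# Constructed `ip -o -4 addr show dev eth0` output. Both addresses appear in
# the question; tying 10.124.74.73 to the label eth0:2 is an assumption.
sample_addrs() {
cat <<'EOF'
2: eth0    inet 10.124.74.69/26 brd 10.124.74.127 scope global eth0\       valid_lft forever preferred_lft forever
2: eth0    inet 10.124.74.73/26 brd 10.124.74.127 scope global secondary eth0:2\       valid_lft forever preferred_lft forever
EOF
}
# Route lines in the `ip route show` format quoted in the question.
sample_routes() {
cat <<'EOF'
14.17.24.24 via 10.124.74.65 dev eth0  src 10.124.74.73
14.17.24.23 via 10.124.74.65 dev eth0  src 10.124.74.73
10.124.74.64/26 dev eth0  proto kernel  scope link  src 10.124.74.69
default via 10.124.74.65 dev eth0
EOF
}
# map_routes: reads address lines followed by route lines on stdin. For each
# gatewayed route with a src hint, prints the alias label that owns the source
# address and the iproute2 command that recreates the route.
map_routes() {
  awk '
    $3 == "inet" {                        # address line: remember ip -> label
      dev = $2; ip = ""; lab = ""
      for (i = 3; i <= NF; i++) {
        f = $i; sub(/\\$/, "", f)         # -o output appends a backslash to the label
        if ($i == "inet") { split($(i + 1), a, "/"); ip = a[1] }
        else if (f == dev || index(f, dev ":") == 1) lab = f
      }
      if (ip != "") label[ip] = lab
      next
    }
    {                                     # route line
      gw = ""; dev = ""; src = ""
      for (i = 2; i < NF; i++) {
        if ($i == "via") gw = $(i + 1)
        if ($i == "dev") dev = $(i + 1)
        if ($i == "src") src = $(i + 1)
      }
      if (gw == "" || src == "") next     # skip connected and src-less routes
      lab = (src in label) ? label[src] : "unknown"
      printf "# %s: source %s carries label %s\n", $1, src, lab
      printf "ip route replace %s via %s dev %s src %s\n", $1, gw, dev, src
    }
  '
}
# On a live host: { ip -o -4 addr show; ip route show; } | map_routes
{ sample_addrs; sample_routes; } | map_routes
```

The printed `ip route replace` lines are a starting point for a persistent configuration; review them before adding them to the server's network setup.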
