I have debian wheezy based instance with 2 network interfaces (Primary, Secondary).
My setup flow:
vim /etc/network/interfaces
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet dhcp
ifup eth1
ifconfig -a
eth0 Link encap:Ethernet HWaddr 0a:1e:17:4a:dc:0a
inet addr:172.31.7.189 Bcast:172.31.15.255 Mask:255.255.240.0
inet6 addr: fe80::81e:17ff:fe4a:dc0a/64 Scope:Link
eth1 Link encap:Ethernet HWaddr 0a:74:e6:54:ba:c9
inet addr:172.31.10.172 Bcast:172.31.15.255 Mask:255.255.240.0
inet6 addr: fe80::874:e6ff:fe54:bac9/64 Scope:Link
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
Okay, all fine in this point and both private ips (172.31.7.189, 172.31.10.172) is accessible to ping.
echo "200 out" >> /etc/iproute2/rt_tables
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
200 out
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.31.0.1 0.0.0.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
172.31.0.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0
172.31.0.0 0.0.0.0 255.255.240.0 U 0 0 0 eth1
ip route add default via 172.31.0.1 dev eth1 table out
ip rule add from 172.31.0.0/20 table out
Write failed: Broken pipe
Now instance is not accessible through ssh.
Please help, what i doing wrong?
My workflow is based an tutorial
https://www.lisenet.com/2014/create-and-attach-a-second-elastic-network-interface-with-eip-to-ec2-vpc-instance/comment-page-1/#comment-105
Best Answer
Problem solved.
I tried to define ip rule for whole network 172.31.0.0/20, that's wrong.
When i use private ip from secondary network interface all works fine.
where 172.31.10.172 is private ip from network interface eth1
Instead of "ip rule add from 172.31.0.0/20 table out ..."
P.S. Big thanks to Tomas Nevar