GNOME Bugzilla – Bug 549393
NetworkManager sets up wrong route for bridged interfaces
Last modified: 2009-02-03 12:45:16 UTC
Please describe the problem: I have eth0 bridged, and a tun/tap device sharing the bridge. However, my main traffic runs through eth1. Eth1 is on a completely different subnet, it's a Cisco VPN router. Both ethernet cards are set to roaming in the NetworkManager so I can access both the local subnet and the remote (VPN) subnet. When the VPN goes down, NetworkManager falls back to eth0, and sets up the routing table incorrectly. I can fix this by hand, but it appears that every time quanta NetworkManager wakes up and checks it's connections, it resets the routing table, so it's only a temporary fix. It almost looks like it ignores br0, and only knows about eth0. If I kill NetworkManager after the temporary fix is applied, it won't reset the routes. Steps to reproduce: 1. Setup both eth0 and eth1 as described. See further info below. 2. Pull the wire from eth1, NetworkManager falls back to eth0. 3. The routing table sets the default via eth0, instead of default via br0. Actual results: I can not access any external networks, local network still is accessible. (Sometimes the local network isn't accessible, I'm not sure why) Expected results: I expect NetworkManger to do the same thing as when it is first booted, which is assign defaults via br0. It should route through eth1 for system access, and allow me to bridge through eth0 for virtualization. Does this happen every time? Yes. Quite annoyingly, as the VPN only fails once every few months or so. Other information: $ cat /etc/network/interfaces auto tap0 iface tap0 inet manual up ifconfig $IFACE 0.0.0.0 up down ifconfig $IFACE down tunctl_user kjmph auto br0 iface br0 inet dhcp bridge_ports eth0 tap0 $ ping www.google.com PING www.google.com (74.125.19.147) 56(84) bytes of data. From death.local (192.168.2.17) icmp_seq=1 Destination Host Unreachable --- www.google.com ping statistics --- 2 packets transmitted, 0 received, +1 errors, 100% packet loss, time 999ms $ ifconfig br0 Link encap:Ethernet HWaddr 00:e0:81:72:ed:68 inet addr:192.168.2.17 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::2e0:81ff:fe72:ed68/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:308103 errors:0 dropped:0 overruns:0 frame:0 TX packets:64729 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:81163468 (77.4 MB) TX bytes:46099697 (43.9 MB) eth0 Link encap:Ethernet HWaddr 00:e0:81:72:ed:68 inet addr:192.168.2.17 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::2e0:81ff:fe72:ed68/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:308859 errors:0 dropped:0 overruns:0 frame:0 TX packets:65740 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:85696143 (81.7 MB) TX bytes:46557328 (44.4 MB) Interrupt:248 Base address:0x8000 eth1 Link encap:Ethernet HWaddr 00:e0:81:72:ed:69 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:1645051 errors:0 dropped:0 overruns:0 frame:0 TX packets:1391601 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1759535808 (1.6 GB) TX bytes:176975872 (168.7 MB) Interrupt:249 Base address:0xa000 eth1:avahi Link encap:Ethernet HWaddr 00:e0:81:72:ed:69 inet addr:169.254.8.250 Bcast:169.254.255.255 Mask:255.255.0.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 Interrupt:249 Base address:0xa000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:11313 errors:0 dropped:0 overruns:0 frame:0 TX packets:11313 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2387283 (2.2 MB) TX bytes:2387283 (2.2 MB) tap0 Link encap:Ethernet HWaddr 00:ff:3b:e0:8f:69 inet6 addr: fe80::2ff:3bff:fee0:8f69/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:261420 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) vbox0 Link encap:Ethernet HWaddr 00:ff:c1:e6:ed:fe inet6 addr: fe80::2ff:c1ff:fee6:edfe/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:261354 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) $ sudo ip route 192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.17 192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.17 169.254.0.0/16 dev eth1 proto kernel scope link src 169.254.8.250 169.254.0.0/16 dev eth0 scope link metric 1000 default via 192.168.2.1 dev eth0 default via 192.168.2.1 dev br0 metric 100 default dev eth1 scope link metric 1000 $ sudo ip route del default via 192.168.2.1 dev eth0 $ sudo ip route flush cache $ ip route 192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.17 192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.17 169.254.0.0/16 dev eth1 proto kernel scope link src 169.254.8.250 169.254.0.0/16 dev eth0 scope link metric 1000 default via 192.168.2.1 dev br0 metric 100 default dev eth1 scope link metric 1000 $ ping www.google.com PING www.l.google.com (64.233.169.147) 56(84) bytes of data. 64 bytes from yo-in-f147.google.com (64.233.169.147): icmp_seq=1 ttl=244 time=114 ms
NM doesn't natively support bridges yet... that's something we're working on. *** This bug has been marked as a duplicate of 546197 ***