E
E
emellstornn2019-12-27 09:30:22
ubuntu
emellstornn, 2019-12-27 09:30:22

Ubuntu 18.04 3 network interfaces in netplan, two work, the third one doesn't, why?

Good afternoon. There is the following thing: ec2 on Amazon, 3 network interfaces are connected to it, 12 static ip-addresses are screwed (4 for each interface)
According to the Amazon mans, a yaml file was created on this issue with the following content:

network:
  version: 2
  ethernets:
    ens6:
      addresses:
       - 172.31.24.254/20
       - 172.31.23.41/20
       - 172.31.23.226/20
       - 172.31.19.241/20
      dhcp4: no
      routes:
       - to: 0.0.0.0/0
         via: 172.31.16.1 # Default gateway
         table: 1000
       - to: 172.31.24.254
         via: 0.0.0.0
         scope: link
         table: 1000
       - to: 172.31.23.41
         via: 0.0.0.0
         scope: link
         table: 1000
       - to: 172.31.23.226
         via: 0.0.0.0
         scope: link
         table: 1000
       - to: 172.31.19.241
         via: 0.0.0.0
         scope: link
         table: 1000

      routing-policy:
        - from: 172.31.24.254
          table: 1000
        - from: 172.31.23.41
          table: 1000
        - from: 172.31.23.226
          table: 1000
        - from: 172.31.19.241
          table: 1000

    ens7:
      addresses:
       - 172.31.18.160/20
       - 172.31.24.120/20
       - 172.31.22.168/20
       - 172.31.28.164/20
      dhcp4: no
      routes:
       - to: 0.0.0.0/0
         via: 172.31.16.1 # Default gateway
         table: 1000
       - to: 172.31.18.160
         via: 0.0.0.0
         scope: link
         table: 1000
       - to: 172.31.24.120
         via: 0.0.0.0
         scope: link
         table: 1000
       - to: 172.31.22.168
         via: 0.0.0.0
         scope: link
         table: 1000
      - to: 172.31.28.164
        via: 0.0.0.0
         scope: link
         table: 1000

      routing-policy:
        - from: 172.31.18.160
          table: 1000
       - from: 172.31.24.120
          table: 1000
        - from: 172.31.22.168
          table: 1000
        - from: 172.31.28.164
          table: 1000

The ens6 interface functions completely, responds from the outside. Ens7 responds only from the server itself, it does not respond from the outside. Where is the dog buried?
Thank you!
PS Output ip addr
[email protected]:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000
    link/ether 0e:80:69:25:ae:58 brd ff:ff:ff:ff:ff:ff
    inet 172.31.17.117/20 brd 172.31.31.255 scope global dynamic ens5
       valid_lft 3593sec preferred_lft 3593sec
    inet6 fe80::c80:69ff:fe25:ae58/64 scope link
       valid_lft forever preferred_lft forever
3: ens6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 0e:6b:0a:32:91:7a brd ff:ff:ff:ff:ff:ff
    inet 172.31.24.254/20 brd 172.31.31.255 scope global ens6
       valid_lft forever preferred_lft forever
    inet 172.31.23.41/20 brd 172.31.31.255 scope global secondary ens6
       valid_lft forever preferred_lft forever
    inet 172.31.23.226/20 brd 172.31.31.255 scope global secondary ens6
       valid_lft forever preferred_lft forever
    inet 172.31.19.241/20 brd 172.31.31.255 scope global secondary ens6
       valid_lft forever preferred_lft forever
    inet6 fe80::c6b:aff:fe32:917a/64 scope link
       valid_lft forever preferred_lft forever
4: ens7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000
    link/ether 0e:29:4b:8f:d2:b2 brd ff:ff:ff:ff:ff:ff
    inet 172.31.18.160/20 brd 172.31.31.255 scope global dynamic ens7
       valid_lft 322sec preferred_lft 322sec
    inet 172.31.22.168/20 brd 172.31.31.255 scope global secondary ens7
       valid_lft forever preferred_lft forever
    inet 172.31.28.164/20 brd 172.31.31.255 scope global secondary ens7
       valid_lft forever preferred_lft forever
    inet 172.31.24.120/20 brd 172.31.31.255 scope global secondary ens7
       valid_lft forever preferred_lft forever
    inet6 fe80::c29:4bff:fe8f:d2b2/64 scope link
       valid_lft forever preferred_lft forever

Answer the question

In order to leave comments, you need to log in

2 answer(s)
E
emellstornn, 2019-12-27
@emellstornn

UPD: As a result, asymmetric routing turned out to be the solution to the problem.
Aligned and checked. Now I understand even less.
I earned one of the four addresses for the third interface (really, spaces). But:
a) not one of those where spaces were missing
b) before the gate status for the third interface was STALE, for the rest it was REACHABLE, and I thought that this was the main reason. Well, since all 12 addresses are pinged inside the Amazon, only 8 are pinged outside, and you can't get through from the other 4 either - it's about the gate, it seems logical. But now the gate has also become REACHABLE for the third interface!
Thanks for the hint, in any case, progress, now I have 9 addresses. Tomorrow I will continue to torture the config further.
PS To find mana, for amateurs, where the process of adding three network interfaces is described, but I did not find it, everything ends with two.

H
hint000, 2019-12-27
@hint000

At a minimum, the config does not meet the requirements of the official YAML specification. The parser could not parse part of the config, the result of the application is difficult to predict.
https://yaml.org/spec/1.2/spec.html#id2777534
lines marked with an asterisk are missing spaces:

routes:
       - to: 0.0.0.0/0
         via: 172.31.16.1 # Default gateway
         table: 1000
       - to: 172.31.18.160
         via: 0.0.0.0
         scope: link
         table: 1000
       - to: 172.31.24.120
         via: 0.0.0.0
         scope: link
         table: 1000
       - to: 172.31.22.168
         via: 0.0.0.0
         scope: link
         table: 1000
*     - to: 172.31.28.164
*       via: 0.0.0.0
         scope: link
         table: 1000

      routing-policy:
        - from: 172.31.18.160
          table: 1000
*      - from: 172.31.24.120
          table: 1000
        - from: 172.31.22.168
          table: 1000
        - from: 172.31.28.164
          table: 1000

Align and check, and suddenly it will work.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question