Answer the question
In order to leave comments, you need to log in
E
E
emellstornn2019-12-27 09:30:22
emellstornn, 2019-12-27 09:30:22
Ubuntu 18.04 3 network interfaces in netplan, two work, the third one doesn't, why?
Good afternoon. There is the following thing: ec2 on Amazon, 3 network interfaces are connected to it, 12 static ip-addresses are screwed (4 for each interface)
According to the Amazon mans, a yaml file was created on this issue with the following content:
network:
version: 2
ethernets:
ens6:
addresses:
- 172.31.24.254/20
- 172.31.23.41/20
- 172.31.23.226/20
- 172.31.19.241/20
dhcp4: no
routes:
- to: 0.0.0.0/0
via: 172.31.16.1 # Default gateway
table: 1000
- to: 172.31.24.254
via: 0.0.0.0
scope: link
table: 1000
- to: 172.31.23.41
via: 0.0.0.0
scope: link
table: 1000
- to: 172.31.23.226
via: 0.0.0.0
scope: link
table: 1000
- to: 172.31.19.241
via: 0.0.0.0
scope: link
table: 1000
routing-policy:
- from: 172.31.24.254
table: 1000
- from: 172.31.23.41
table: 1000
- from: 172.31.23.226
table: 1000
- from: 172.31.19.241
table: 1000
ens7:
addresses:
- 172.31.18.160/20
- 172.31.24.120/20
- 172.31.22.168/20
- 172.31.28.164/20
dhcp4: no
routes:
- to: 0.0.0.0/0
via: 172.31.16.1 # Default gateway
table: 1000
- to: 172.31.18.160
via: 0.0.0.0
scope: link
table: 1000
- to: 172.31.24.120
via: 0.0.0.0
scope: link
table: 1000
- to: 172.31.22.168
via: 0.0.0.0
scope: link
table: 1000
- to: 172.31.28.164
via: 0.0.0.0
scope: link
table: 1000
routing-policy:
- from: 172.31.18.160
table: 1000
- from: 172.31.24.120
table: 1000
- from: 172.31.22.168
table: 1000
- from: 172.31.28.164
table: 1000The ens6 interface functions completely, responds from the outside. Ens7 responds only from the server itself, it does not respond from the outside. Where is the dog buried?
Thank you!
PS Output ip addr
[email protected]:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000
link/ether 0e:80:69:25:ae:58 brd ff:ff:ff:ff:ff:ff
inet 172.31.17.117/20 brd 172.31.31.255 scope global dynamic ens5
valid_lft 3593sec preferred_lft 3593sec
inet6 fe80::c80:69ff:fe25:ae58/64 scope link
valid_lft forever preferred_lft forever
3: ens6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 0e:6b:0a:32:91:7a brd ff:ff:ff:ff:ff:ff
inet 172.31.24.254/20 brd 172.31.31.255 scope global ens6
valid_lft forever preferred_lft forever
inet 172.31.23.41/20 brd 172.31.31.255 scope global secondary ens6
valid_lft forever preferred_lft forever
inet 172.31.23.226/20 brd 172.31.31.255 scope global secondary ens6
valid_lft forever preferred_lft forever
inet 172.31.19.241/20 brd 172.31.31.255 scope global secondary ens6
valid_lft forever preferred_lft forever
inet6 fe80::c6b:aff:fe32:917a/64 scope link
valid_lft forever preferred_lft forever
4: ens7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000
link/ether 0e:29:4b:8f:d2:b2 brd ff:ff:ff:ff:ff:ff
inet 172.31.18.160/20 brd 172.31.31.255 scope global dynamic ens7
valid_lft 322sec preferred_lft 322sec
inet 172.31.22.168/20 brd 172.31.31.255 scope global secondary ens7
valid_lft forever preferred_lft forever
inet 172.31.28.164/20 brd 172.31.31.255 scope global secondary ens7
valid_lft forever preferred_lft forever
inet 172.31.24.120/20 brd 172.31.31.255 scope global secondary ens7
valid_lft forever preferred_lft forever
inet6 fe80::c29:4bff:fe8f:d2b2/64 scope link
valid_lft forever preferred_lft forever 2 answer(s)
@emellstornn
@hint000
Align and check, and suddenly it will work.
E
emellstornn, 2019-12-27 @emellstornn
UPD: As a result, asymmetric routing turned out to be the solution to the problem.
Aligned and checked. Now I understand even less.
I earned one of the four addresses for the third interface (really, spaces). But:
a) not one of those where spaces were missing
b) before the gate status for the third interface was STALE, for the rest it was REACHABLE, and I thought that this was the main reason. Well, since all 12 addresses are pinged inside the Amazon, only 8 are pinged outside, and you can't get through from the other 4 either - it's about the gate, it seems logical. But now the gate has also become REACHABLE for the third interface!
Thanks for the hint, in any case, progress, now I have 9 addresses. Tomorrow I will continue to torture the config further.
PS To find mana, for amateurs, where the process of adding three network interfaces is described, but I did not find it, everything ends with two.
H
hint000, 2019-12-27 @hint000
At a minimum, the config does not meet the requirements of the official YAML specification. The parser could not parse part of the config, the result of the application is difficult to predict.
https://yaml.org/spec/1.2/spec.html#id2777534
lines marked with an asterisk are missing spaces:
routes:
- to: 0.0.0.0/0
via: 172.31.16.1 # Default gateway
table: 1000
- to: 172.31.18.160
via: 0.0.0.0
scope: link
table: 1000
- to: 172.31.24.120
via: 0.0.0.0
scope: link
table: 1000
- to: 172.31.22.168
via: 0.0.0.0
scope: link
table: 1000
* - to: 172.31.28.164
* via: 0.0.0.0
scope: link
table: 1000
routing-policy:
- from: 172.31.18.160
table: 1000
* - from: 172.31.24.120
table: 1000
- from: 172.31.22.168
table: 1000
- from: 172.31.28.164
table: 1000Align and check, and suddenly it will work.
Similar questions
T
I
R
L
G
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question