How to disable the default gateway

Hello all,

is it possible to disable the default gateway settings in the VM template, even though the VNet in question has the default gateway set?

The use case is a router for the private network[*] - it is connected to a public network/VNet which has its own default gw, which I want to use, and to the private network/VNet, which has the default gw set to the router’s address. I.e. I want all the other hosts on this network to have the VM resulting from this template as their default gateway. What happens here is that after the instantiation, the private network’s default gw overrides the public network’s default gw, and the host thinks its own IP address is the best GW. From the context.sh:

ETH0_IP='192.168.13.42'
ETH0_GATEWAY='192.168.1.1'
[…]
ETH1_IP='10.0.0.1'
ETH1_GATEWAY='10.0.0.1'

I want the default gateway to be 192.168.1.1 on eth0, and not the host 10.0.0.1 itself on eth1, obviously.

I am able to override the IP address in the template. It should be possible to override the default gw for ETH1 with a different value the same way, but is it possible to override it so it is disabled altogether? Leaving an empty field for the gateway in Sunstone results in not overriding at all.

[*] I want to use the router as an ssh-forwarding gateway with local LDAP+Kerberos authentication, so I cannot use a stock vrouter appliance from the Marketplace.

Thanks,

-Yenya

Hi @Yenya,

If you have several networks with a gateway configured for each of them, the default gateway configured in the VM will be the one configured in NIC0.

For example:

  • Network vnet100:
$ onevnet show 3
VIRTUAL NETWORK 3 INFORMATION                                                   
ID                       : 3                   
NAME                     : vnet100             
USER                     : oneadmin            
GROUP                    : oneadmin            
LOCK                     : None                
CLUSTERS                 : 0,101               
BRIDGE                   : onebr100            
VN_MAD                   : bridge              
AUTOMATIC VLAN ID        : NO                  
AUTOMATIC OUTER VLAN ID  : NO                  
USED LEASES              : 2                   

PERMISSIONS                                                                     
OWNER                    : um-                 
GROUP                    : ---                 
OTHER                    : ---                 

VIRTUAL NETWORK TEMPLATE                                                        
BRIDGE="onebr100"
BRIDGE_TYPE="linux"
GATEWAY="192.168.100.1"
PHYDEV=""
SECURITY_GROUPS="0"
VN_MAD="bridge"
  • Network vnet200:
$ onevnet show 4
VIRTUAL NETWORK 4 INFORMATION                                                   
ID                       : 4                   
NAME                     : vnet200             
USER                     : oneadmin            
GROUP                    : oneadmin            
LOCK                     : None                
CLUSTERS                 : 0,101               
BRIDGE                   : onebr200            
VN_MAD                   : bridge              
AUTOMATIC VLAN ID        : NO                  
AUTOMATIC OUTER VLAN ID  : NO                  
USED LEASES              : 2                   

PERMISSIONS                                                                     
OWNER                    : um-                 
GROUP                    : ---                 
OTHER                    : ---                 

VIRTUAL NETWORK TEMPLATE                                                        
BRIDGE="onebr200"
BRIDGE_TYPE="linux"
GATEWAY="192.168.200.1"
PHYDEV=""
SECURITY_GROUPS="0"
VN_MAD="bridge"
  • VM 1 context:
  ETH0_GATEWAY="192.168.100.1",
  ETH0_IP="192.168.100.10",
...
  ETH1_GATEWAY="192.168.200.1",
  ETH1_IP="192.168.200.10",
  • VM 1 addresses and routes:
localhost:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 02:00:c0:a8:64:0a brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.10/24 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::c0ff:fea8:640a/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 02:00:c0:a8:c8:0a brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.10/24 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::c0ff:fea8:c80a/64 scope link 
       valid_lft forever preferred_lft forever

localhost:~# ip r
default via 192.168.100.1 dev eth0 
192.168.100.0/24 dev eth0 scope link  src 192.168.100.10 
192.168.200.0/24 dev eth1 scope link  src 192.168.200.10 
  • VM 2 context:
  ETH0_GATEWAY="192.168.200.1",
  ETH0_IP="192.168.200.11",
...
  ETH1_GATEWAY="192.168.100.1",
  ETH1_IP="192.168.100.11",
  • VM 2 addresses and routes:
localhost:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 02:00:c0:a8:c8:0b brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.11/24 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::c0ff:fea8:c80b/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 02:00:c0:a8:64:0b brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.11/24 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::c0ff:fea8:640b/64 scope link 
       valid_lft forever preferred_lft forever

localhost:~# ip r
default via 192.168.200.1 dev eth0 
192.168.100.0/24 dev eth1 scope link  src 192.168.100.11 
192.168.200.0/24 dev eth0 scope link  src 192.168.200.11 

So according to your context snippet, the VM should have configured default via 192.168.1.1.

Cheers.

Well, this is not what I observe. The VM in question still has default gw via eth1. Did it change in some newer version of the contextualization package? The VM runs CentOS8 and the context packages are version 5.8.0.

OK, tried one-context-5.12.0.2, and with this version the default gw is selected from the first NIC instead of (apparently) the last one.

That said, I would still like to have a solution for overriding any CTX parameter to “none” - it is possible to override it during instantiation to a different value, so why not allow removing the parameter altogether?
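
A check for the situation discussed in this thread, as an added example that is not part of any post or of the one-context package: it parses a context.sh-style file without sourcing it, reports the gateway expected under the first-NIC rule described in the reply (taken here as an assumption), and flags NICs whose gateway is their own address. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example. The sample below is constructed from the values quoted in the thread.
sample_context() {
cat <<'EOF'
ETH0_IP='192.168.13.42'
ETH0_GATEWAY='192.168.1.1'
ETH1_IP='10.0.0.1'
ETH1_GATEWAY='10.0.0.1'
EOF
}

# Print "ETHn <ip> <gateway>" per NIC in index order ("-" when unset).
# The file is parsed, never sourced, so nothing in it gets executed.
ctx_nics() {
    awk -F= -v q="'" '
        /^[ \t]*ETH[0-9]+_(IP|GATEWAY)=/ {
            key = $1; gsub(/[ \t]/, "", key)
            split(key, k, "_")                      # k[1]=ETHn, k[2]=IP|GATEWAY
            v = $2; gsub("[\"" q ",]", "", v)       # drop quotes and trailing comma
            val[key] = v; nic[substr(k[1], 4) + 0] = k[1]
        }
        END {
            for (i = 0; i < 64; i++) if (i in nic) {
                ip = val[nic[i] "_IP"]; gw = val[nic[i] "_GATEWAY"]
                print nic[i], (ip == "" ? "-" : ip), (gw == "" ? "-" : gw)
            }
        }' "$1"
}

# Gateway expected as default: lowest-numbered NIC that has one (assumed rule).
expected_default_gw() { ctx_nics "$1" | awk '$3 != "-" { print $3; exit }'; }

# NICs whose gateway equals their own address (the router case in the question).
self_gateway_nics() { ctx_nics "$1" | awk '$3 != "-" && $2 == $3 { print $1 }'; }

# Compare the expectation with the live IPv4 routing table; returns 1 on mismatch.
check_live_default() {
    want=$(expected_default_gw "$1")
    have=$(ip -4 route show default 2>/dev/null | awk '{ print $3; exit }')
    [ "$want" = "$have" ] || { echo "default gw is '$have', expected '$want'" >&2; return 1; }
}

# Run against the constructed sample when executed directly.
ctx=$(mktemp)
sample_context > "$ctx"
echo "expected default gw: $(expected_default_gw "$ctx")"
echo "self-gateway NICs:   $(self_gateway_nics "$ctx")"
rm -f "$ctx"
```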