Bug ID 1188316
Summary Configuring multiple default gateways in wicked via yast result in unpredictable routing
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware x86-64
OS openSUSE Tumbleweed
Status NEW
Severity Normal
Priority P5 - None
Component Network
Assignee screening-team-bugs@suse.de
Reporter bob@muhlenberg.edu
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

Found on Tumbleweed 20201108 same seem to happen on latest version I tested (
20210712 )

Steps to reproduce:

3 NICS on different IPV4 networks
In YAST with Wicked selected ...
configure a static IP on each interface in its respective IP networks.   For
example:

10.10.10.10 / 24
192.168.11.11 / 24
172.16.12.12 / 24

In each network is x.x.x.1 which is an external router to the Internet.

Configuring a default gateway for ONE of these interfaces pointing at its
corresponding x.x.x.1 gateway address results in the expected outcome and the
kernel routing table shows the routes to the locally attached networks and the
default rout to x.x.x.1, for example 10.10.10.1

If TWO default routes are created in Yast, only one appears in the routing
table, seemingly the "first" one.  

However you find that

test:/etc/sysconfig/network # cat ifroute-ens???

default 10.10.10.1 - ens192 
default 192.168.11.1 - ens224

also 

test:/Build # route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.10.10.1      0.0.0.0         UG    0      0        0 ens192
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 ens192
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens224
172.16.12.0     0.0.0.0         255.255.255.0   U     0      0        0 ens160

if you shutdown one or the other interface using

wicked ifdown ensNNN

it is seen that the default route of the surviving interface is not populated
in the kernel routing table.   

test:/Build # route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 ens192
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens224
172.16.12.0     0.0.0.0         255.255.255.0   U     0      0        0 ens160

on bringing up the same interface, the default route is populated for the
interface.   Whatever interface was shut down and brough up last has its entry
as the one and only default route.

test:/Build # route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.10.10.1      0.0.0.0         UG    0      0        0 ens192
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 ens192
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens224
172.16.12.0     0.0.0.0         255.255.255.0   U     0      0        0 ens160

manually adding the route

route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.11.1

yields the expected outcome:

test:/Build # route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.10.10.1      0.0.0.0         UG    0      0        0 ens192
default         192.168.11.1    0.0.0.0         UG    0      0        0 ens224
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 ens192
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens224
172.16.12.0     0.0.0.0         255.255.255.0   U     0      0        0 ens160

So in all honesty I don't know where it going wrong or if this is working as
designed, but the design is not aligned with the needs of dual homed systems.  
Yast seems to be populating the route config files, and wicked does seem to
activate only one of the default routes configured.  The kernel is happy to
accept several default routes when done manually.

Three NICS is not necessary to observe the problem described.  The essential
configuration is having multiple default gateways configured in Yast.

You are receiving this mail because: