Linux Multiple Network Interfaces (NICs) – One Interface with Static Public IP and One Interface with Private DHCP LAN IP Address – Routes and Routing
Friday, July 24th, 2020
Linux KVM: Using Multiple NICs and Routing Traffic Properly Between Them
When setting up a KVM guest to use multiple network interface controllers (NICs), additional IP routes may be needed for the additional interfaces to work properly. For example, if you configure one NIC with a public static IP address and another NIC with an internal private DHCP LAN IP address, you must create a route so that any traffic arriving through the DHCP LAN IP address is answered via the interface on which the request arrived. Otherwise, NAT traffic forwarded from the main KVM host to the internal DHCP LAN IP will reach its destination, but no response will be sent back, because the guest will attempt to send the response via the interface configured with the static IP address, which may NOT be the original destination of the sender's request.
The Solution:
https://unix.stackexchange.com/questions/4420/reply-on-same-interface-as-incoming/23345#answer-23345
From the above link, the solution for me was to do the following in the KVM guest virtual machine:
Only needs to be done once:
sudo -i
echo 200 isp1 >> /etc/iproute2/rt_tables
Setting up the route (adjust variables as necessary):
sudo -i
ip rule add from <interface_IP> table isp1 priority 900
ip rule add from <interface_IP> dev <interface> table isp1
ip route add default via <gateway_IP> dev <interface> table isp1
The command I used for my specific setup:
sudo -i
ip rule add from 192.168.122.10 table isp1 priority 900
ip rule add from 192.168.122.10 dev ens9 table isp1
ip route add default via 192.168.122.1 dev ens9 table isp1
Making it permanent (apply on system start up):
sudo -i nano /etc/network/interfaces
I added the below post-up rules (adjust variables as necessary):
auto ens9
iface ens9 inet dhcp
    post-up ip rule add from <interface_IP> table isp1 priority 900
    post-up ip rule add from <interface_IP> dev <interface> table isp1
    post-up ip route add default via <gateway_IP> dev <interface> table isp1
The route is created whenever the DHCP interface is brought up.
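To see why the "from" rule changes where replies go, here is a simplified model of the kernel's rule-then-table lookup. It is an added example, not part of the original post or the linked answer. The ens9 values come from the post; the public NIC name ens3, the 203.0.113.x addresses and the client 198.51.100.7 are constructed for illustration.

```python
import ipaddress

# Routing tables as (prefix, gateway, device). ens9 values are from the post;
# ens3 and the 203.0.113.x addresses are constructed stand-ins for the public NIC.
MAIN = [("0.0.0.0/0", "203.0.113.1", "ens3"),
        ("203.0.113.0/24", None, "ens3"),
        ("192.168.122.0/24", None, "ens9")]
ISP1 = [("0.0.0.0/0", "192.168.122.1", "ens9")]  # ip route add default ... table isp1
TABLES = {"main": MAIN, "isp1": ISP1}

# Policy rules as (priority, source selector, table). Only the priority 900
# "from" rule of the post is modelled, next to the kernel's default main rule.
DEFAULT_RULES = [(32766, "all", "main")]
FIXED_RULES = DEFAULT_RULES + [(900, "192.168.122.10/32", "isp1")]

CLIENT = "198.51.100.7"  # constructed remote client whose request was NAT-forwarded


def lookup(table, dst):
    """Longest-prefix match inside one table; None if no route matches."""
    dst = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), gw, dev) for p, gw, dev in table
            if dst in ipaddress.ip_network(p)]
    if not hits:
        return None
    _, gw, dev = max(hits, key=lambda h: h[0].prefixlen)
    return gw, dev


def route_reply(rules, tables, src, dst):
    """Walk the rules in ascending priority; the first table with a route wins."""
    src = ipaddress.ip_address(src)
    for _prio, selector, name in sorted(rules):
        if selector != "all" and src not in ipaddress.ip_network(selector):
            continue
        hit = lookup(tables[name], dst)
        if hit:
            return hit
    return None


if __name__ == "__main__":
    # Reply leaves 192.168.122.10 toward the remote client.
    print("before:", route_reply(DEFAULT_RULES, TABLES, "192.168.122.10", CLIENT))
    print("after: ", route_reply(FIXED_RULES, TABLES, "192.168.122.10", CLIENT))
```

On the real guest, ip rule show and ip route show table isp1 list the rules and the route that this model mirrors.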