Facebook

CU200 | Linux: Network Interface Priority and Access Configuration

In a Linux system, having dual or multiple network cards does not mean that both can be used simultaneously for internet access. The system will prioritize sending requests to the default gateway with the highest priority (excluding the internal network segments corresponding to the network cards). When multiple network cards are inserted, there will be multiple default gateways in the routing table. When accessing external networks, the system will follow the routing principles, where the network card with the lower Metric value has a higher priority and will be used first for internet access.

Linux Network Card Priority Configuration
Use the route command to view routing table information:

$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         oraybox.com     0.0.0.0         UG    100    0        0 enx00e04c6801a0
default         _gateway        0.0.0.0         UG    101    0        0 eth0
10.10.11.0      0.0.0.0         255.255.255.0   U     101    0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 enx00e04c6801a0

We can see that there are two network cards (eth0 and enx00e04c6801a0), both configured to the default gateway. Since the Metric value of enx00e04c6801a0 is lower than that of eth0, it takes precedence. This indicates that the priority of the enx00e04c6801a0 network card is higher than that of eth0.

Using `route -n` can show the related Gateway IP information:

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.8     0.0.0.0         UG    100    0        0 enx00e04c6801a0
0.0.0.0         10.10.11.254    0.0.0.0         UG    101    0        0 eth0
10.10.11.0      0.0.0.0         255.255.255.0   U     101    0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 enx00e04c6801a0

To configure the priority of network cards in Linux, we need to modify the Metric of a specific network card. However, the route command does not allow direct modification, so we need to delete and then add it again. For example, to reduce the Metric of eth0, you would execute:

route del default gw 10.10.11.254 eth0
route add default gw 10.10.11.254 dev eth0 metric 99

Similarly, you can also increase the Metric value by deleting the smaller one. In this way, we adjust the priority of multiple network connections by modifying the entries related to the default gateway in the routing table.

Simultaneous Access to Internal and External Networks
When Linux uses dual network cards to connect to different networks, it may not be able to use both the internal and external networks simultaneously. This is because the computer does not know which segments definitely belong to the internal network.

To add:

route add -net 192.168.2.0 netmask 255.255.255.0 dev eth0

To delete:

route del -net 192.168.2.0 netmask 255.255.255.0 dev eth0

-net

parameter corresponds to the subnet IP, and netmask is the subnet mask. The final eth0 is the network card corresponding to the network.

Persistent Route Configuration
By default, executing delete and add operations with route only affects the current environment, and the configuration information will be lost after a reboot. Therefore, we need to persist the router table configuration to achieve startup commands. Since the system needs time to connect to the network after booting, and even though the rc-local configuration includes commands that execute after various services start, the network card still requires time to obtain an IP address via the DHCP Client. Thus, we need to delay the execution of the configuration commands by 30 seconds asynchronously; for detailed principles, refer to "Shell Asynchronous Delayed Command Execution." The configuration methods vary for different Linux distributions.

Ubuntu Persistent Route Configuration
In Ubuntu/Linux Mint/Ukylin/domestic Kylin systems, to execute the route command at startup, you only need to modify the /etc/rc.local file and write the commands to be executed automatically before the exit 0 line:

(sleep 30
/usr/sbin/route del default gw 10.10.11.250 eth0
/usr/sbin/route add default gw 10.10.11.250 dev eth0 metric 204) &

Debian/Kali/Raspberry Pi Persistent Route Configuration
Starting from Debian 9, Debian includes the rc-local service by default, but it is not enabled, and there is no /etc/rc.local file. First, check whether the rc-local service is started. Execute systemctl status rc-local; if it shows Active: inactive (dead), it means it is not started. Add /etc/rc.local and modify the content

( touch /etc/rc.local && vim /etc/rc.local),

and write the commands to be executed automatically at startup before the exit 0 line:

#!/bin/sh -e
sleep 30
/usr/sbin/route del default gw 10.10.11.250 eth0
/usr/sbin/route add default gw 10.10.11.250 dev eth0 metric 204
) &
exit 0

Give the file executable permissions: chmod +x /etc/rc.local. Start the rc-local service and set it to start on boot:

systemctl enable rc-local
systemctl start rc-local

ArchLinux Persistent Route Configuration
Like Debian, ArchLinux does not have the rc-local service by default, and ArchLinux also requires manual configuration of the rc-local service.

Create a new
/usr/lib/systemd/system/rc-local.service file and add the following content:

[Unit]
Description=/etc/rc.local Compatibility
ConditionPathExists=/etc/rc.local
[Service]
Type=forking
ExecStart=/etc/rc.local
TimeoutSec=0
StandardOutput=tty
RemainAfterExit=yes
SysVStartPriority=99
[Install]
WantedBy=multi-user.target

Then it’s the same as the Debian configuration method.

Check if Configuration is Lost After Restarting the Network
Although the startup commands are configured, there is still a possibility that network settings may be lost due to other programs restarting the network. Execute systemctl restart networking or /etc/init.d/networking restart to check if the route settings are still effective. In newer Linux kernels and systems, setting the default gateway usually does not become invalid after restarting the network, but static route settings and some older systems may lose this information. Create and edit the /etc/network/if-up.d/route-set file:

#!/bin/sh
sleep 30
/usr/sbin/route del default gw 10.10.11.250 eth0
/usr/sbin/route add default gw 10.10.11.250 dev eth0 metric 204
) &

Give this file execute permissions: chmod +x /etc/network/if-up.d/route-set. Restart the network again to test if the configuration is working properly.