Linux

Several months ago, my colleague got a problem that some of his virtual machines. I dug into this problem and finally solved it.

Following is the network topology =

It has following problems =
The br2 and vnet5 and vnet6 can only communicate with subnet 192.168.2.0/24, they cannot send or receive packages from other subnets.

Explanation =
Because there is only route to 192.168.2.0/24 for the br2. Let’s try to analyze it through a ping process. If you ping 192.168.2.7 (br2) from a machine outside of this subnet, like 192.168.1.10, below is the detailed routing path =
src to dst = 192.168.1.10 checks the destination and finds it’s in another subnet so send it to the default gateway.

192.168.1.10  -->  to gateway 192.168.1.254   OK
192.168.1.254 -->  forward to 192.168.2.254   OK
192.168.2.254 -->  forward to 192.168.2.7     OK

dst to src = Also 192.168.2.7 would send to default gateway, but let’s check the default gateway of the machine. It’s default via 192.168.1.254 dev br1, so it fails to send the package since the br1 interface won’t send a package whose source ip address is not bounded to itself.

Now we knows that the br2 can receive packages but fail to send them to other subnets. So how to? Add another default gateway? A machine can only have one default gateway.