Route internet traffic through a specific interface in Linux Servers – CentOS / RHEL

I have a server with multiple network interfaces. Out of that two of them were connected to two different networks. My requirement is to route the internet traffic through the second interface. The Server is running with CentOS 7 operating system. The second interface is connected to a network with higher internet bandwidth and the first interface is connected to a network with lower bandwidth. So I have to make the second interface as the primary/default interface.

The details of the network interfaces are given below.

Details of first interface:

Interface name -> eno2

IP Address:  192.168.0.208

Gateway 192.168.0.1

Internet Provider : ISP01

Details of second interface:

Interface name -> eno3

IP Address:  172.31.0.208

Gateway 172.31.0.1

Internet Provider : ISP02

The diagrammatic view of the server and network connections are given below.

internet_routing

Problem statement:

The internet traffic is going through the first interface. I want to change it to the second interface.

How to check the route of the internet traffic ?

This can be checked by using the traceroute command. Execute the following commands and check hops. If it is going through the gateway of the first network, means traffic is routed through the first interface. If it is going through the gateway of the second network, means that the traffic is routed through the second interface.

traceroute google.com

When I executed this command, I got the following output that proves that the traffic was going through the first interface. 192.168.0.1 is the gateway of the first interface. You can see the details in the below screenshot.

traceroute_02

How to list the default traffic routes ?

To list the existing routes in the system, type the following command in the terminal.

ip route list

This will list all the routes and that shows the default routes also. The following screenshot shows the details of the routes in my system.

iproute_list01

In the above image, you can see two default routes. The first one has a priority of 102 and second one with priority 103. So based on the priority, the traffic goes through the first interface (gateway 192.168.0.1, ISP-01).

How to change the default / primary route ?

In my case there were two default routes. So making one interface as the default or primary route will solve the problem.

This can be enabled by configuring the DEFROUTE parameter in the network interface settings. The network interface configurations are present in the following directory.

/etc/sysconfig/network-scripts

In this directory, you can see files that starts with ifcfg-. In my case, the two files that I have to deal with are ifcfg-eno2 and ifcfg-eno3.

In this file, there will be a parameter DEFROUTE. If it is configured with value “yes” means that interface is a default route. If the value is “no” means it is not a default interface.

So make DEFROUTE=no in the first interface (ifcfg-eno2) and DEFROUTE=yes in the second interface (ifcfg-eno3).

Restart the network after making these changes. The command is shared below.

service network restart

Now check the route list and see the default route/s. The command is given below.

ip route list

The screenshot from my system is shared below.

iproute_list02

Now you can see that the second interface (gateway 172.31.0.1 & ISP-02) became the default interface and the first interface got removed from the default list. It is present in the available interfaces, but not the default interface.

Now let us test the internet traffic through traceroute command. As per our configuration, the traffic should go through the second interface. The command is given below.

traceroute google.com

The screenshot from my system is given below.

traceroute_01

As per the screenshot, the traffic is going as expected based on our configuration. It is going through the second interface.

The steps for Ubuntu and other operating systems are also similar. Here I have explained based on CentOS & RHEL operating systems.

Hope this article helps someone. 🙂

 

 

 

 

How to connect a CentOS computer to Internet using USB Wifi Adapter ?

I have an old desktop computer with CentOS 7 operating system installed without GUI. I wanted to connect to internet using a USB wifi adapter. My internet router was located in a different room and LAN cable was not available with me. So I used netgear USB wifi adapter for establishing the internet connection. This post is about troubleshooting and fixing the connectivity issue.

The model that I have used is Netgear WNA3100M Wireless-N300 USB Mini Adapter. The picture is shown below.

wifi_network_adapter

Netgear WNA3100M

I checked the network interfaces and ip address using ifconfig command. It listed an interface named wlp18s0b1. But no ip address was assigned.

I tried ifup command. But it gave me an error as follows.

ifup wlp18s0b1

/sbin/ifup: configuration for wlp18s0b1 not found.
Usage: ifup 

Then I tried listing the USB interfaces using lsusb command and it listed the network adapter usb device. This means that the device is getting detected.

The next steps that I tried are using the nmcli command.

The following command will list all the available Wifi connection profiles.

nmcli connection show

To connect to a wifi network, use the below command. You have to pass your wifi ssid and password as shown below as arguments.

nmcli dev wifi connect your-wifi-ssid password wifi-password

My desktop got connected to the internet after triggering the above command. After this, every time I start my computer, if the desktop is not automatically connected to the internet, I issue the following commands.

nmcli connection show

nmcli connection up your-wifi-connection

This solution helped me. Hope this will help someone else also :).

SELinux modes – Simple explanation

Everyone who uses linux might be familiar with SELinux. The full form of SELinux is Security-Enhanced Linux. It is a kernel level security module that enhances the access level security policies.

In this post I will be quickly explaining about the various modes in SELinux.

There are three modes in SELinux

  • Enforcing
  • Permissive
  • Disabled

In CentOS and RHEL systems , the SELinux configurations are controlled using the configuration file /etc/sysconfig/selinux.

The changes made to this file needs a system reboot. We can disable the SELinux permanently only with a system reboot. But we can set the SELinux into permissive mode without reboot. This can be easily performed by issuing a setenforce command. The details are explained in my another blog post.

Here we can set SELinux to any of the modes mentioned above.

In the Enforcing mode, SELinux is completely active and it will allow access only using the SELinux policies. User can configure the policies to enable access to their application.

In the Permissive mode, the SELinux will be monitoring and logging all the activities that would have been denied if it is in the enforcing state. The SELinux will not block any activities in this state.

In the Disabled mode, SELinux will be completely disabled.