FreeBSD routing issues resolved

Today I had a call from a customer saying their Nagios server was showing incorrect ping results. Gconnect, (my $dayjob) host an MPLS network for this client which is in a transitive state between a traditional IPSec network and the new shiny MPLS VPN setup. As a result, ip prefixes move around between the MPLS gateway and the IPSec gateway, and the Nagios server has to keep track. During this time, the default gateway  for the Nagios server has changed, just to add further confusion! From the Nagios server I was unable to ping the target of 172.16.45.65, so trying to find out what was going on, I interrogated the Nagios server to see where it was looking for my target:

# route get 172.16.45.65
   route to: 172.16.45.65
destination: 172.16.45.65
    gateway: 172.16.10.200
  interface: em0
      flags: <UP,GATEWAY,HOST,DYNAMIC,DONE,PROTO3>
 recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
       0         0         0         0      1500         1      3597

Now 172.16.10.200 is my old default gateway, the new one is 172.16.10.199. My default router is set to:

defaultrouter="172.16.10.199"

And an attempt to reset the default route yeilds little help:

# route add default 172.16.10.199
route: writing to routing socket: File exists
add net default: gateway 172.16.10.199: route already in table

So when I remove the specific route to the 172.16.45.65 destination, like this:

# route delete 172.16.45.65
delete host 172.16.45.65

I now see the route as follows:

# route get 172.16.45.65
   route to: 172.16.45.65
destination: default
       mask: default
    gateway: haulfryn-0xydgp
  interface: em0
      flags: <UP,GATEWAY,DONE,STATIC>
 recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
       0         0         0         0      1500         1         0

And I can now ping it! In a fit of enthusiasm I decided to remove all of the specific routes to clear any upcoming problems with the flush command:

# route flush
default              434-ws-002           done
runs-domain.sdsd     172.16.10.200        done
... clip ...
Write failed: Broken pipe

yes, thats what happens when the default route gets wiped out! To re-add it I went in via the console:

# route add default 172.16.10.199

And we’re back in the room – phew!

Additional Information

Here is how to clear all the routes in one go and not lock yourself out:

# route flush: route add default 'your_router_ip'

and you can see all of the ‘host routes’ in your table with:

# netstat -rl
This entry was posted in FreeBSD Administration and tagged . Bookmark the permalink.

Leave a Reply