Deleted Routes Reappearing

[Chewbode]

Hi all. I'm hoping someone here is smarter about this than I am and might be able to help.

Quick history: I had a failure of my main firewall and put a Wi-Fi AP on the network to serve DHCP. This automatically created some routing entries on all three of my RPIs. This ran for a few weeks, and eventually my main firewall was fixed and the AP deprecated.

Here's the current table on one of my RPIs:

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.10.1       0.0.0.0         UG    0      0        0 eth0
0.0.0.0         10.0.12.175     0.0.0.0         UG    202    0        0 eth0
10.0.0.0        0.0.0.0         255.255.240.0   U     202    0        0 eth0
10.0.10.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0

The 10.0.10.1 gateway is the correct firewall, and the 10.0.12.175 is the deprecated AP. I can remove the unnecessary routes:

Code: Select all

route del default gw 10.0.12.175
route del -net 10.0.0.0/20

And the table afterward:

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.10.1       0.0.0.0         UG    0      0        0 eth0
10.0.10.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0

Now, this looks correct. However, if I bounce the interface in any way (even reboots), the "bad" routes come back:

Code: Select all

root@scs-pi01 # ifdown eth0 && ifup -v eth0
Configuring interface eth0=eth0 (inet)
run-parts --exit-on-error --verbose /etc/network/if-pre-up.d
run-parts: executing /etc/network/if-pre-up.d/01-wpa-config-copy
run-parts: executing /etc/network/if-pre-up.d/wireless-tools
run-parts: executing /etc/network/if-pre-up.d/wpasupplicant
ip addr add 10.0.10.30/255.255.255.0 broadcast 10.0.10.255        dev eth0 label eth0
ip link set dev eth0   up
 ip route add default via 10.0.10.1  dev eth0
run-parts --exit-on-error --verbose /etc/network/if-up.d
run-parts: executing /etc/network/if-up.d/000resolvconf
run-parts: executing /etc/network/if-up.d/avahi-daemon
run-parts: executing /etc/network/if-up.d/mountnfs
run-parts: executing /etc/network/if-up.d/openssh-server
run-parts: executing /etc/network/if-up.d/upstart
run-parts: executing /etc/network/if-up.d/wpasupplicant
root@scs-pi01 # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.10.1       0.0.0.0         UG    0      0        0 eth0
0.0.0.0         10.0.12.175     0.0.0.0         UG    202    0        0 eth0
10.0.0.0        0.0.0.0         255.255.240.0   U     202    0        0 eth0
10.0.10.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0

Am I missing something - maybe a command to make these deletes stick, or maybe they're in some file somewhere? The 10.0.12.175/20 isn't in my interfaces file. TIA!

[allfox]

Did you disconnect that AP?

If you need it be there, try turning off its DHCP capability.

I think the problem here is that there are two DHCP servers giving different default routes on the network.

[Chewbode]

Thanks for the reply allfox.

The AP is not on the network anymore, so there's no chance of it still serving DHCP. Also, the interfaces file has been configured for a static IP (10.0.10.30 255.255.255.0 in this case).

[allfox]

Could you post these files and command output please:
1 /etc/network/interfaces
2 /etc/dhcpcd.conf
3 ip addr

[Chewbode]

Sure. Here's /etc/network/interfaces:

Code: Select all

#===[ Loopback ]===
auto lo
iface lo inet loopback

#===[ Ethernet ]===
iface eth0 inet static
address 10.0.10.30
netmask 255.255.255.0
gateway 10.0.10.1
network 10.0.10.0
broadcast 10.0.10.255
dns-nameservers 10.0.10.12 10.0.10.20

#===[ Wi-Fi ]===
allow-hotplug wlan0
auto wlan0
iface wlan0 inet dhcp
       wpa-ssid "<removed>"
       wpa-psk "<removed>"

Note that this file has not changed since the Pi was built over two years ago. I put the Wi-Fi section in here in the off-chance I ever need to immediately put a Wi-Fi USB adapter in the Pi and put it on Wi-Fi (to date, I've never needed to do that tho). There is no Wi-Fi USB dongle in the Pi.

Here's the /etc/dhcpcd.conf:

Code: Select all

# A sample configuration for dhcpcd.
# See dhcpcd.conf(5) for details.

# Allow users of this group to interact with dhcpcd via the control socket.
#controlgroup wheel

# Inform the DHCP server of our hostname for DDNS.
hostname

# Use the hardware address of the interface for the Client ID.
clientid
# or
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
#duid

# Persist interface configuration when dhcpcd exits.
persistent

# Rapid commit support.
# Safe to enable by default because it requires the equivalent option set
# on the server to actually work.
option rapid_commit

# A list of options to request from the DHCP server.
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes
# Most distributions have NTP support.
option ntp_servers
# Respect the network MTU.
# Some interface drivers reset when changing the MTU so disabled by default.
#option interface_mtu

# A ServerID is required by RFC2131.
require dhcp_server_identifier

# Generate Stable Private IPv6 Addresses instead of hardware based ones
slaac private

# A hook script is provided to lookup the hostname if not set by the DHCP
# server, but it should not be run by default.
nohook lookup-hostname

This file has never been modified from the original install.

Here's the ip addr output:

Code: Select all

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether b8:27:eb:eb:f8:a9 brd ff:ff:ff:ff:ff:ff
    inet 10.0.10.30/24 brd 10.0.10.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 10.0.12.225/20 brd 10.0.15.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::d1a1:cfc5:f9d0:cd2a/64 scope link
       valid_lft forever preferred_lft forever

Note the 10.0.12.225/20 is the one I don't want.

Also, this exact problem is occurring on all three of my RPIs (10.0.10.30, .31, .32), which are all built identically.

TIA!

[allfox]

I'm not sure if there is another method giving that IP other than DHCP.

I think it worth a try to add one line to /etc/dhcpcd.conf, saying "nodhcp".

This line would tell dhcpcd not to do DHCP. So maybe the unwanted address disappear.

[mfa298]

I think the dhcpcd5 package got introduced into wheezy via an update and it ignores the settings in /etc/network/interfaces so it might be trying to get a dhcp address as well as using the static address that's been configured (I'm guessing there might be a dhcp server offering the 10.0.12 address on the network still).

It might be worth trying to disable / remove that package and see if that improves things.