[Nix-dev] Failed to add route because network is unreachable

Kirill Elagin kirelagin at gmail.com
Tue Apr 28 09:16:46 CEST 2015 

It would be nice if you showed us the output of `ip route` at the point
where `ip route add` fails.
Also `ip route get 136.243.17.1` might give some hints.

It totally looks like the gateway you are trying to use is unreachable. To
be honest, I have no idea what does the `mainIPv4  = "136.243.17.41";` line
do, but feels like it doesn’t configure the routes (or even the address)
properly.

On Mon, Apr 27, 2015 at 5:31 PM Bas van Dijk <v.dijk.bas at gmail.com> wrote:

> I just discovered that I can successfully manually add the route if I
> Ieave of the "via <gateway>" option:
>
> # ip route add  10.180.0.0/24 src 172.16.48.17 dev eth0
>
> After this I can successfully ping hosts on the other side of the VPN!
>
> I'll just settle with adding this to my local networking commands:
>
>     networking.localCommands = ''
>        ip route add 10.180.0.0/24 src 172.16.48.17 dev eth0 || true
>     '';
>
> I do wonder though, why adding that route with a "via <gateway>"
> option gives the aforementioned error.
>
> Cheers,
>
> Bas
>
> On 27 April 2015 at 15:58, Bas van Dijk <v.dijk.bas at gmail.com> wrote:
> > Dear Nixers,
> >
> > I've a slightly off-topic question but since I know there are some
> > excellent Unix networking experts on this list I hope to get a pointer
> > in the right direction.
> >
> > After some changes in my networking setup (I added an IP address to my
> > eth0 interface) my strongswan VPN service fails to add a route to my
> > routing table (it used to work before):
> >
> > installing route: 10.180.0.0/24 via 136.243.17.1 src 172.16.48.17 dev
> eth0
> > received netlink error: Network is unreachable (101)
> >
> > If I manually try to add the route I get the same error message:
> >
> > # ip route add  10.180.0.0/24 via 136.243.17.1 src 172.16.48.17 dev eth0
> > RTNETLINK answers: Network is unreachable
> >
> > I've asked[1] the same question on the strongswan mailing list but
> > haven't found a solution yet.
> >
> > My network settings are fairly simple (note I'm deploying my machine
> > using nixops to Hetzner):
> >
> >   deployment = {
> >     targetEnv = "hetzner";
> >     hetzner = {
> >       mainIPv4  = "136.243.17.41";
> >       ...
> >     };
> >   };
> >
> >   networking = {
> >     enableIPv6 = false;
> >     useDHCP = false;
> >
> >     interfaces.eth0.ip4 = [
> >       { address = "136.243.25.125"; prefixLength = 32; }
> >       { address = "136.243.25.108"; prefixLength = 32; }
> >       { address = "172.16.48.17";   prefixLength = 28; }
> >     ];
> >
> >     firewall = {
> >       enable    = true;
> >       allowPing = true;
> >       allowedTCPPorts = [ ... ];
> >     }
> >   };
> >
> > Any idea why I can't add that route?
> >
> > Regards,
> >
> > Bas
> >
> > [1] https://lists.strongswan.org/pipermail/users/2015-April/007935.html
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20150428/650816ba/attachment-0001.html

More information about the nix-dev mailing list