2 VLANs
- 10.160.32.0/24 on ens160 -> * (assume multiple non-merging subnets)
- 10.192.16.0/24 on ens192 -> management
Through ens160 I can hit other networks via routing.
ens192 is my management interface, which isn't routable via ens160.
```
ping -I ens160 10.192.16.240
PING 10.192.16.240 (10.192.16.240) from 10.160.32.240 ens160: 56(84) bytes of data.
^C
--- 10.192.16.240 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1020ms
```
To retain access to the management interface, the default is via ens192. Obviously this means the unknown subnets on the other side of ens160 won't be automatically routable; they'd need to be added into the route table.
```
default via 10.192.16.1 dev ens192 proto static
default via 10.160.32.1 dev ens160 proto static
10.160.32.0/24 dev ens160 proto kernel scope link src 10.160.32.240
10.192.16.0/24 dev ens192 proto kernel scope link src 10.192.16.240
```
I need to be able to tell the routing table that anything that isn't destined for 10.192.16.0/24 needs to go through ens160. An example of a destination network on ens160 would be 172.16.0.0/17.
I can obviously easily do this via a static route `ip route add 172.16.0.0/17 via 10.160.32.1`, but the problem is I could have any number of networks on the other side of 10.160.32.0's interface via edge routing. I can't depend on being notified or discovering that a new network is now routable across that interface.
How do I achieve this goal of saying `if not 10.192.16.0/24, via ens160`? Another thought I had was trunking the port with the two VLANs on it, but that's a fall-back and not the preferred solution. I have a feeling that 0.0.0.0 might be involved, but I am not sure on this.
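
Added example, not part of the original post: a simplified Python model of destination-based route selection (longest prefix first, then lowest metric) run over the connected routes from the question, comparing the default (0.0.0.0/0) on ens192 with a single default on ens160. The `route`, `lookup` and `egress` helpers, the single-default layout and the test destination 192.0.2.10 are assumptions made for illustration.

```python
import ipaddress

def route(prefix, dev, via=None, metric=0):
    """Build one routing-table entry (hypothetical helper for this example)."""
    return {"net": ipaddress.ip_network(prefix), "dev": dev, "via": via, "metric": metric}

def lookup(table, dst):
    """Pick the route for dst: longest matching prefix, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in r["net"]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r["net"].prefixlen, -r["metric"]))

def egress(table, dst):
    """Return the outgoing interface name for dst, or None if unroutable."""
    r = lookup(table, dst)
    return None if r is None else r["dev"]

# Connected routes copied from the question's routing table.
CONNECTED = [
    route("10.160.32.0/24", "ens160"),
    route("10.192.16.0/24", "ens192"),
]

# Layout described in the question: the default points at the management gateway.
DEFAULT_VIA_MGMT = [route("0.0.0.0/0", "ens192", via="10.192.16.1")] + CONNECTED

# Assumed alternative: one default via ens160, no default on ens192.
DEFAULT_VIA_ENS160 = [route("0.0.0.0/0", "ens160", via="10.160.32.1")] + CONNECTED

if __name__ == "__main__":
    layouts = (("default via ens192", DEFAULT_VIA_MGMT),
               ("default via ens160", DEFAULT_VIA_ENS160))
    # 172.16.5.9 sits in the question's 172.16.0.0/17; 192.0.2.10 is constructed.
    for name, table in layouts:
        for dst in ("10.192.16.50", "10.160.32.7", "172.16.5.9", "192.0.2.10"):
            print(f"{name:20} {dst:14} -> {egress(table, dst)}")
```

The model covers only destination lookup in a single table; it does not model policy routing rules or reverse-path filtering, and management clients outside 10.192.16.0/24 would have their replies leave via whichever interface holds the default.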