Can I prevent a default route being added when bringing up an interface?
I faced similar problem on Raspbian (I suppose the solution below will be applicable to Debian as well). Raspberry Pi 3 has 2 NICs integrated: Wi-Fi and Ethernet. I use both of them, they are wlan0 and eth0, respectively. wlan0 is connected to my home Wi-Fi network and internet access comes through this interface. It gets its settings via DHCP from my home router. eth0 is connected directly to my windows PC and has static IP assigned. No internet access via eth0 was available since I didn't configure it on my windows PC.
In Raspbian, the dhcpcd daemon is responsible for configuring network interfaces. In order to set static IP to eth0 interface, there were following lines added to the end of /etc/dhcpcd.conf
:
interface eth0
static ip_address=192.168.2.2/24
static routers=192.168.2.1
static domain_name_servers=192.168.2.1
With this settings, dhcpcd created 2 default routes and route via eth0 had higher priority than that via wlan0:
pi@raspberrypi:~ $ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.2.1 0.0.0.0 UG 202 0 0 eth0
default 192.168.1.254 0.0.0.0 UG 303 0 0 wlan0
192.168.1.0 * 255.255.255.0 U 303 0 0 wlan0
192.168.2.0 * 255.255.255.0 U 202 0 0 eth0
So I had no internet access, because system tried to route it via eth0 and it didn't have internet access, as I mentioned above.
To solve the problem, I used nogateway
option in the /etc/dhcpcd.conf
for eth0 interface. So eth0-specific configuration started looking like that:
interface eth0
static ip_address=192.168.2.2/24
static routers=192.168.2.1
static domain_name_servers=192.168.2.1
nogateway
After saving this configuration and rebooting, there were no default route via eth0:
pi@raspberrypi:~ $ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.1.254 0.0.0.0 UG 303 0 0 wlan0
192.168.1.0 * 255.255.255.0 U 303 0 0 wlan0
192.168.2.0 * 255.255.255.0 U 202 0 0 eth0
Internet access appeared, and the problem was solved.
On RHEL6/Fedora 22 the following has been tested.
In /etc/sysconfig/network-scripts/ifcfg-eth1 add the line:
DEFROUTE=no
Replace eth1 with name of interface where default routing is not wanted.
This can also be done via Network Manager GUI by checking the box "Use this connection only for resources on its network" at the bottom of the IPv4 tab.
DEFROUTE=no prevents the addition of the default route ( destination 0.0.0.0 ) to the routing table when the interface is enabled. ie. the following entry would not be added.
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.16.x.x 0.0.0.0 UG 0 0 0 eth1
The DHCP server configuration is wrong. It must not send a default gateway option when it can't provide routing to the rest of the world. If it does send that option then any client may assume that it can send packets for any off-link destination to the specified default gateway.
So your box is right in using the default gateway from eth0 if it is told so by DHCP. The solution is to remove the bad option from your DHCP server.