Ubuntu 24 server, 2 NICs, one is usual LAN/WAN to Internet, other is flat 10.1.1.* network of cameras and dumb switches with no routing or gateway (the server is a security video system running Zoneminder). My server seems to be confused about how to get to Internet addresses, and it is trying to route to addresses other than 10.1.1.* via the NIC that has no gateway or router.
NIC1 - enp1s0 - 10.1.1.115, nothing but 10.1.1.* addresses (10.1.1.100 is DHCP/NTP server for the cameras)
NIC2 - enp0s31f6 - 192.168.1.249, gateway is 192.168.1.1, rest of the world
My logs appear to indicate that the machine is trying to route to a remote external client like 12.75.125.XXX via NIC1, and the remote external client is timing out waiting. The log entries I'm fretting over are, for example:
2024-09-28T13:17:35.321463-04:00 servername kernel: [UFW AUDIT] IN= OUT=enp1s0 SRC=192.168.1.249 DST=12.75.126.XXX LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=18563 DF PROTO=TCP SPT=443 DPT=64883 WINDOW=505 RES=0x00 ACK URGP=0
2024-09-28T13:17:34.731460-04:00 servername kernel: [UFW AUDIT] IN= OUT=enp1s0 SRC=192.168.1.249 DST=12.75.126.XXX LEN=64 TOS=0x00 PREC=0x00 TTL=64 ID=18562 DF PROTO=TCP SPT=443 DPT=64883 WINDOW=505 RES=0x00 ACK URGP=0
ip route shows:
default via 10.1.1.100 dev enp1s0 proto dhcp src 10.1.1.115 metric 100
default via 192.168.1.1 dev enp0s31f6 proto dhcp src 192.168.1.249 metric 100
10.1.1.0/24 dev enp1s0 proto kernel scope link src 10.1.1.115 metric 100
10.1.1.100 dev enp1s0 proto dhcp scope link src 10.1.1.115 metric 100
192.168.1.0/24 dev enp0s31f6 proto kernel scope link src 192.168.1.249 metric 100
192.168.1.1 dev enp0s31f6 proto dhcp scope link src 192.168.1.249 metric 100
Is the route table the problem? I don't know how to fix this frustrating problem.
After attempting to fix the DHCP issue, ip a shows:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether a8:42:a1:06:23:46 brd ff:ff:ff:ff:ff:ff
inet 10.1.1.115/24 metric 100 brd 10.1.1.255 scope global dynamic enp1s0
valid_lft 2675237sec preferred_lft 2675237sec
inet6 fe80::aa42:a1ff:fe06:2346/64 scope link
valid_lft forever preferred_lft forever
3: enp0s31f6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 54:bf:64:76:e4:af brd ff:ff:ff:ff:ff:ff
inet 192.168.1.249/24 metric 100 brd 192.168.1.255 scope global dynamic enp0s31f6
valid_lft 82280sec preferred_lft 82280sec
inet6 2605:8600:5c0:a4fe:56bf:64ff:fe76:e4af/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 70696sec preferred_lft 49096sec
inet6 fe80::56bf:64ff:fe76:e4af/64 scope link
valid_lft forever preferred_lft forever
Found a typo in the DHCP.conf (10.1.1.100 is the DHCP server, it's an Ubuntu 18 box). It had a router option that I commented out. I restarted the webserver and the DHCP server, and... this seems to have fixed my problem of external clients being unable to access the webserver. ip route shows:
default via 192.168.1.1 dev enp0s31f6 proto dhcp src 192.168.1.249 metric 100
10.1.1.0/24 dev enp1s0 proto kernel scope link src 10.1.1.115 metric 100
10.1.1.100 dev enp1s0 proto dhcp scope link src 10.1.1.115 metric 100
192.168.1.0/24 dev enp0s31f6 proto kernel scope link src 192.168.1.249 metric 100
192.168.1.1 dev enp0s31f6 proto dhcp scope link src 192.168.1.249 metric 100
So I think I'm back in business. But someone suggested I should change the "metric" value? I want all 10.1.1.X going out NIC1 and everything else going out NIC2, what should I do with the metric settings to further optimize?
Thanks y'all, you are educating me!!
Your routing table shows that there is a default gateway 10.1.1.100 defined for NIC1. This is the cause of the problem. There should be no default gateway defined at all for this network.
Seems like your DHCP server for this network is configured so that it defines itself as the default gateway. You should reconfigure it so that it defines no default gateway at all.
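A check for the condition the answer above describes, as an added example that is not part of the original question or answer: it reads `ip route` output and flags a default route on the isolated camera NIC, plus any two default routes that share a metric on different interfaces. The function name and finding labels are assumptions of this example; the sample tables are constructed from lines quoted in the question.

```bash
#!/usr/bin/env bash
# Added example: audit `ip route` text for default routes that should not exist.

# Constructed samples: lines taken from the two routing tables in the question.
BEFORE='default via 10.1.1.100 dev enp1s0 proto dhcp src 10.1.1.115 metric 100
default via 192.168.1.1 dev enp0s31f6 proto dhcp src 192.168.1.249 metric 100
10.1.1.0/24 dev enp1s0 proto kernel scope link src 10.1.1.115 metric 100
192.168.1.0/24 dev enp0s31f6 proto kernel scope link src 192.168.1.249 metric 100'
AFTER='default via 192.168.1.1 dev enp0s31f6 proto dhcp src 192.168.1.249 metric 100
10.1.1.0/24 dev enp1s0 proto kernel scope link src 10.1.1.115 metric 100
192.168.1.0/24 dev enp0s31f6 proto kernel scope link src 192.168.1.249 metric 100'

# audit_default_routes <isolated-if>   (hypothetical helper; reads stdin)
# <isolated-if> is the NIC that must never carry a default route.
# Prints one finding per line; exit status 0 = clean, 1 = findings.
audit_default_routes() {
  awk -v iso="$1" '
    $1 == "default" {
      dev = ""; gw = ""; metric = 0          # no metric keyword means metric 0
      for (i = 2; i < NF; i++) {
        if ($i == "dev")    dev    = $(i + 1)
        if ($i == "via")    gw     = $(i + 1)
        if ($i == "metric") metric = $(i + 1)
      }
      # A default route on the isolated segment sends Internet replies there.
      if (dev == iso) {
        printf "ISOLATED_DEFAULT dev=%s via=%s\n", dev, gw; bad = 1
      }
      # Two defaults with one metric on different NICs: no stated preference.
      if ((metric in seen) && seen[metric] != dev) {
        printf "METRIC_TIE metric=%s devs=%s,%s\n", metric, seen[metric], dev
        bad = 1
      }
      if (!(metric in seen)) seen[metric] = dev
    }
    END { exit bad + 0 }
  '
}

# Demo on the constructed "before" table.
# On a live host: ip route show | audit_default_routes enp1s0
printf '%s\n' "$BEFORE" | audit_default_routes enp1s0 || true
```

Run against the "after" table, the function prints nothing and returns 0, which matches the state the asker reached once the router option was removed from the DHCP server.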