DaemonForums  

Go Back   DaemonForums > Other Operating Systems > Other BSD and UNIX/UNIX-like

Other BSD and UNIX/UNIX-like Any other flavour of BSD or UNIX that does not have a section of its own.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 6th November 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default Two NICs on same subnet

I have a Red Hat Enterprise Linux 4.7 server with two ethernet NICs on the same subnet. (Note that Linux names ethernet cards eth0, eth1,... ethn.)

Code:
# ifconfig | egrep 'eth|inet'
eth0      Link encap:Ethernet  HWaddr 00:22:19:04:EA:7A  
          inet addr:172.16.83.27  Bcast:172.16.83.31  Mask:255.255.255.224
eth3      Link encap:Ethernet  HWaddr 00:15:17:8C:7C:D1  
          inet addr:172.16.83.29  Bcast:172.16.83.31  Mask:255.255.255.224
eth0 (172.16.83.27) has sshd listening on tcp port 22. eth3 (172.16.83.29) has httpd listening on tcp port 443.

Code:
# netstat -ltn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0      0 172.16.83.27:22             0.0.0.0:*                   LISTEN          
tcp        0      0 172.16.83.29:443            0.0.0.0:*                   LISTEN
I'm noticing some odd behavior: my host-level firewall logging shows that sometimes traffic to 172.16.83.29:443 is coming in on eth3, but other times traffic to 172.16.83.29:443 is coming in on eth0.

Here is my routing table:

Code:
# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.83.0     0.0.0.0         255.255.255.224 U         0 0          0 eth0
172.16.83.0     0.0.0.0         255.255.255.224 U         0 0          0 eth3
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth3
0.0.0.0         172.16.83.1     0.0.0.0         UG        0 0          0 eth0
I suspect the behavior I'm seeing could be solved by a routing table entry, but I am not confident that I know exactly what that entry should be. I'm willing to experiment a bit (while physically on site, in case I break the networking), but could someone speak to whether this makes sense and/or whether I appear to be barking up the right tree?
__________________
Kill your t.v.
Reply With Quote
  #2   (View Single Post)  
Old 6th November 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default

@ephemera: I saw your question but it is gone now.

I will add anyway: in this case the 172.16.83.0/255.255.255.224 network is on a VLAN. Both NICs are physically connected via ethernet cable to the same switch.
__________________
Kill your t.v.
Reply With Quote
  #3   (View Single Post)  
Old 6th November 2008
ephemera's Avatar
ephemera ephemera is offline
Knuth's homeboy
 
Join Date: Apr 2008
Posts: 537
Thanked 49 Times in 43 Posts
Default

Quote:
Originally Posted by anomie View Post
@ephemera: I saw your question but it is gone now.
yeah, sorry about that. my networking experience is very limited so i figured its best to let other more proficient members do the talking.
Reply With Quote
  #4   (View Single Post)  
Old 6th November 2008
ephemera's Avatar
ephemera ephemera is offline
Knuth's homeboy
 
Join Date: Apr 2008
Posts: 537
Thanked 49 Times in 43 Posts
Default

Quote:
Originally Posted by anomie View Post
[code]
Code:
# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.83.0     0.0.0.0         255.255.255.224 U         0 0          0 eth0
172.16.83.0     0.0.0.0         255.255.255.224 U         0 0          0 eth3
...
i wonder how the routing decision is handled for that? a packet destined for the net 172.16.83.0/27 will transmitted across eth0 or eth3?
And all other packets are sent through eth0?
(just thinking out aloud. I hope i am not embarrasing myself. :-D).

Last edited by ephemera; 6th November 2008 at 08:23 PM.
Reply With Quote
  #5   (View Single Post)  
Old 7th November 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default

Quote:
Originally Posted by ephemera
i wonder how the routing decision is handled for that? a packet destined for the net 172.16.83.0/27 will transmitted across eth0 or eth3?
And all other packets are sent through eth0?
That's what I would expect (and I could set up some logging rules to verify this). It seems that when traffic originates at the server going outbound, it leaves on eth0.

What I don't understand is why it is entering on eth0 (sometimes) when it should be entering on eth3. I'll think about this some more.
__________________
Kill your t.v.
Reply With Quote
  #6   (View Single Post)  
Old 7th November 2008
robbak's Avatar
robbak robbak is offline
Real Name: Robert Backhaus
VPN Cryptographer
 
Join Date: May 2008
Location: North Queensland, Australia
Posts: 366
Thanked 40 Times in 39 Posts
Default

The official guide tells us that behaviour when two interfaces have the same network address is "undefined". Do a search for the phrase "nasal demons" if you want to know more about that!

Basically, what a system does in this case is up to it. FreeBSD gives an error and refuses to allow it, most systems silently disable one of the devices, others do things like round-robbin-ing outbound packets. But, without a doubt, two interfaces on one subnet is a misconfiguration.

If you need this, then you need to set up some kind of a virtual interface device that merges the two physical interfaces. Most systems have some support for this.
__________________
The only dumb question is a question not asked.
The only dumb answer is an answer not given.
Reply With Quote
  #7   (View Single Post)  
Old 7th November 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default

That's interesting - I didn't know it was considered a misconfiguration.

Quote:
Originally Posted by robbak
If you need this, then you need to set up some kind of a virtual interface device that merges the two physical interfaces. Most systems have some support for this.
I can do that. (NIC bonding.)

Quote:
Originally Posted by robbak
The official guide tells us that behaviour when two interfaces have the same network address is "undefined".
What official guide are you referring to? A RFC?
__________________
Kill your t.v.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Lagg failover on FreeBSD 7.0 Dell 1950/Broadcom 5708 NICs rfranzke FreeBSD General 4 14th September 2010 08:06 PM
mpd5 stoped working after subnet change hamba FreeBSD General 0 29th May 2008 04:22 PM


All times are GMT. The time now is 06:25 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick