From: "Martin A. Brown" <mabrown-lartc@securepipe.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] 2 internal NIC's in the same network
Date: Wed, 27 Nov 2002 14:16:34 +0000 [thread overview]
Message-ID: <marc-lartc-103840673607222@msgid-missing> (raw)
In-Reply-To: <marc-lartc-103823015001665@msgid-missing>
Roman,
: I apply this patch and set hidden =1,arp_filter =1 too,
: at all nic's but nothing changed. eth1 always reply that
: ip 10.0.0.2 is at eth1...
: It seems be so,that I can't forward packets over two different
: nic's which are in same network.
Tarek was correct when he mentioned that you'll need to use policy routing
in addition if both of the IPs you are using fall within the same network.
# ip rule add from 10.0.0.2 lookup 2
# ip rule add from 10.0.0.1 lookup 1
# ip route add 10.0.0.0/24 dev eth1 src 10.0.0.1
# ip route add 10.0.0.0/24 dev eth2 src 10.0.0.2
Turn on the ARP hiding functionality:
# echo 1 > /proc/sys/net/ipv4/conf/all/hidden
You'll need to do this *after* you have brought up the interfaces and
set the hidden flags explicitly.
# echo 1 > /proc/sys/net/ipv4/conf/eth1/hidden
# echo 1 > /proc/sys/net/ipv4/conf/eth2/hidden
Good luck,
-Martin
: >Roman,
: >
: >
: >If you don't have support for hidden in your kernel, visit Julian's page:
: >
: > http://www.linux-vs.org/~julian/
: > http://www.linux-vs.org/~julian/#hidden
: >
: >This will prevent ethernet interfaces from responding for ARP for IPs
: >active on other devices.
: >
: >Good luck,
: >
: >-Martin
: >
: > : and when I ping from pc2 -> PC1:eth2,
: > : using tcpdump i see that PC1
: > : send reply to (arp who has 10.0.0.2),
: > : 10.0.0.2 is at .....eth1.
: > : why PC1 send back not proper HW address?
: > : how I can force PC1 to say that 10.0.0.2
: > : is at eth2?
: > :
: > :
: > :
: > : thanks in advance!
: > :
: > :
: > :
: > :
: > :
: > : _______________________________________________
: > : LARTC mailing list / LARTC@mailman.ds9a.nl
: > : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
: > :
: >
: >
: >
:
:
:
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2002-11-27 14:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-11-25 13:14 [LARTC] 2 internal NIC's in the same network virdzek, roman
2002-11-25 19:35 ` Martin A. Brown
2002-11-27 14:10 ` virdzek, roman
2002-11-27 14:16 ` Martin A. Brown [this message]
2002-11-27 14:22 ` Martin A. Brown
2002-11-27 16:44 ` virdzek, roman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103840673607222@msgid-missing \
--to=mabrown-lartc@securepipe.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.