* [LARTC] 2 internal NIC's in the same network
@ 2002-11-25 13:14 virdzek, roman
2002-11-25 19:35 ` Martin A. Brown
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: virdzek, roman @ 2002-11-25 13:14 UTC (permalink / raw)
To: lartc
hi,
i have two internal nics
at PC1
eth1 eth2
10.0.0.1 10.0.0.2
| |
switch
|
pc2
eth0
10.0.0.3
and when I ping from pc2 -> PC1:eth2,
using tcpdump i see that PC1
send reply to (arp who has 10.0.0.2),
10.0.0.2 is at .....eth1.
why PC1 send back not proper HW address?
how I can force PC1 to say that 10.0.0.2
is at eth2?
thanks in advance!
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] 2 internal NIC's in the same network
2002-11-25 13:14 [LARTC] 2 internal NIC's in the same network virdzek, roman
@ 2002-11-25 19:35 ` Martin A. Brown
2002-11-27 14:10 ` virdzek, roman
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Martin A. Brown @ 2002-11-25 19:35 UTC (permalink / raw)
To: lartc
Roman,
# echo 1 > /proc/sys/net/ipv4/conf/all/hidden
# echo 1 > /proc/sys/net/ipv4/conf/eth1/hidden
# echo 1 > /proc/sys/net/ipv4/conf/eth2/hidden
If you don't have support for hidden in your kernel, visit Julian's page:
http://www.linux-vs.org/~julian/
http://www.linux-vs.org/~julian/#hidden
This will prevent ethernet interfaces from responding for ARP for IPs
active on other devices.
Good luck,
-Martin
: and when I ping from pc2 -> PC1:eth2,
: using tcpdump i see that PC1
: send reply to (arp who has 10.0.0.2),
: 10.0.0.2 is at .....eth1.
: why PC1 send back not proper HW address?
: how I can force PC1 to say that 10.0.0.2
: is at eth2?
:
:
:
: thanks in advance!
:
:
:
:
:
: _______________________________________________
: LARTC mailing list / LARTC@mailman.ds9a.nl
: http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
:
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] 2 internal NIC's in the same network
2002-11-25 13:14 [LARTC] 2 internal NIC's in the same network virdzek, roman
2002-11-25 19:35 ` Martin A. Brown
@ 2002-11-27 14:10 ` virdzek, roman
2002-11-27 14:16 ` Martin A. Brown
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: virdzek, roman @ 2002-11-27 14:10 UTC (permalink / raw)
To: lartc
martin,
I apply this patch and set hidden =1,arp_filter =1 too,
at all nic's but nothing changed. eth1 always reply that
ip 10.0.0.2 is at eth1...
It seems be so,that I can't forward packets over two different
nic's which are in same network.
bye
>Roman,
>
># echo 1 > /proc/sys/net/ipv4/conf/all/hidden
># echo 1 > /proc/sys/net/ipv4/conf/eth1/hidden
># echo 1 > /proc/sys/net/ipv4/conf/eth2/hidden
>
>If you don't have support for hidden in your kernel, visit Julian's page:
>
> http://www.linux-vs.org/~julian/
> http://www.linux-vs.org/~julian/#hidden
>
>This will prevent ethernet interfaces from responding for ARP for IPs
>active on other devices.
>
>Good luck,
>
>-Martin
>
> : and when I ping from pc2 -> PC1:eth2,
> : using tcpdump i see that PC1
> : send reply to (arp who has 10.0.0.2),
> : 10.0.0.2 is at .....eth1.
> : why PC1 send back not proper HW address?
> : how I can force PC1 to say that 10.0.0.2
> : is at eth2?
> :
> :
> :
> : thanks in advance!
> :
> :
> :
> :
> :
> : _______________________________________________
> : LARTC mailing list / LARTC@mailman.ds9a.nl
> : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> :
>
>
>
--
Roman Virdzek - System & Network Engineering
____________________________________________
JARON INTERNET GmbH
Hanauer Landstrasse 196a
D-60314 Frankfurt am Main
Fon:+49-69-405866-36 ; Fax:+49-69-405866-29
Internet: www.jaron.de ; www.popularix.de
____________________________________________
( Saving Private Ryan...
Private Ryan exists. Overwrite? (Y/N) )
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] 2 internal NIC's in the same network
2002-11-25 13:14 [LARTC] 2 internal NIC's in the same network virdzek, roman
2002-11-25 19:35 ` Martin A. Brown
2002-11-27 14:10 ` virdzek, roman
@ 2002-11-27 14:16 ` Martin A. Brown
2002-11-27 14:22 ` Martin A. Brown
2002-11-27 16:44 ` virdzek, roman
4 siblings, 0 replies; 6+ messages in thread
From: Martin A. Brown @ 2002-11-27 14:16 UTC (permalink / raw)
To: lartc
Roman,
: I apply this patch and set hidden =1,arp_filter =1 too,
: at all nic's but nothing changed. eth1 always reply that
: ip 10.0.0.2 is at eth1...
: It seems be so,that I can't forward packets over two different
: nic's which are in same network.
Tarek was correct when he mentioned that you'll need to use policy routing
in addition if both of the IPs you are using fall within the same network.
# ip rule add from 10.0.0.2 lookup 2
# ip rule add from 10.0.0.1 lookup 1
# ip route add 10.0.0.0/24 dev eth1 src 10.0.0.1
# ip route add 10.0.0.0/24 dev eth2 src 10.0.0.2
Turn on the ARP hiding functionality:
# echo 1 > /proc/sys/net/ipv4/conf/all/hidden
You'll need to do this *after* you have brought up the interfaces and
set the hidden flags explicitly.
# echo 1 > /proc/sys/net/ipv4/conf/eth1/hidden
# echo 1 > /proc/sys/net/ipv4/conf/eth2/hidden
Good luck,
-Martin
: >Roman,
: >
: >
: >If you don't have support for hidden in your kernel, visit Julian's page:
: >
: > http://www.linux-vs.org/~julian/
: > http://www.linux-vs.org/~julian/#hidden
: >
: >This will prevent ethernet interfaces from responding for ARP for IPs
: >active on other devices.
: >
: >Good luck,
: >
: >-Martin
: >
: > : and when I ping from pc2 -> PC1:eth2,
: > : using tcpdump i see that PC1
: > : send reply to (arp who has 10.0.0.2),
: > : 10.0.0.2 is at .....eth1.
: > : why PC1 send back not proper HW address?
: > : how I can force PC1 to say that 10.0.0.2
: > : is at eth2?
: > :
: > :
: > :
: > : thanks in advance!
: > :
: > :
: > :
: > :
: > :
: > : _______________________________________________
: > : LARTC mailing list / LARTC@mailman.ds9a.nl
: > : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
: > :
: >
: >
: >
:
:
:
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] 2 internal NIC's in the same network
2002-11-25 13:14 [LARTC] 2 internal NIC's in the same network virdzek, roman
` (2 preceding siblings ...)
2002-11-27 14:16 ` Martin A. Brown
@ 2002-11-27 14:22 ` Martin A. Brown
2002-11-27 16:44 ` virdzek, roman
4 siblings, 0 replies; 6+ messages in thread
From: Martin A. Brown @ 2002-11-27 14:22 UTC (permalink / raw)
To: lartc
Sorry! Correction below:
-Martin
Tarek was correct when he mentioned that you'll need to use policy routing
in addition if both of the IPs you are using fall within the same network.
# ip rule add from 10.0.0.2 lookup 2
# ip rule add from 10.0.0.1 lookup 1
# ip route add 10.0.0.0/24 dev eth1 src 10.0.0.1 table 1
# ip route add 10.0.0.0/24 dev eth2 src 10.0.0.2 table 2
Turn on the ARP hiding functionality:
# echo 1 > /proc/sys/net/ipv4/conf/all/hidden
You'll need to do this *after* you have brought up the interfaces and
set the hidden flags explicitly.
# echo 1 > /proc/sys/net/ipv4/conf/eth1/hidden
# echo 1 > /proc/sys/net/ipv4/conf/eth2/hidden
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] 2 internal NIC's in the same network
2002-11-25 13:14 [LARTC] 2 internal NIC's in the same network virdzek, roman
` (3 preceding siblings ...)
2002-11-27 14:22 ` Martin A. Brown
@ 2002-11-27 16:44 ` virdzek, roman
4 siblings, 0 replies; 6+ messages in thread
From: virdzek, roman @ 2002-11-27 16:44 UTC (permalink / raw)
To: lartc
hi,
ok thanks, it seem to be working now.
why it will not working with:
ip rule add iif eth2 lookup 2
ip rule add iif eth1 lookup 1 ?
and another one question. i have turned on
log martians, and kernel still write to me:
martian source from ...........when I ping
eth1 | eth2 ...but back get proper arp reply.
thanks for reply
bye
>Sorry! Correction below:
>
>-Martin
>
> Tarek was correct when he mentioned that you'll need to use policy routing
> in addition if both of the IPs you are using fall within the same network.
>
> # ip rule add from 10.0.0.2 lookup 2
> # ip rule add from 10.0.0.1 lookup 1
> # ip route add 10.0.0.0/24 dev eth1 src 10.0.0.1 table 1
> # ip route add 10.0.0.0/24 dev eth2 src 10.0.0.2 table 2
>
> Turn on the ARP hiding functionality:
>
> # echo 1 > /proc/sys/net/ipv4/conf/all/hidden
>
> You'll need to do this *after* you have brought up the interfaces and
> set the hidden flags explicitly.
>
> # echo 1 > /proc/sys/net/ipv4/conf/eth1/hidden
> # echo 1 > /proc/sys/net/ipv4/conf/eth2/hidden
>
>
>
--
Roman Virdzek - System & Network Engineering
____________________________________________
JARON INTERNET GmbH
Hanauer Landstrasse 196a
D-60314 Frankfurt am Main
Fon:+49-69-405866-36 ; Fax:+49-69-405866-29
Internet: www.jaron.de ; www.popularix.de
____________________________________________
( I drive way too fast to worry about cholesterol. )
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2002-11-27 16:44 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-11-25 13:14 [LARTC] 2 internal NIC's in the same network virdzek, roman
2002-11-25 19:35 ` Martin A. Brown
2002-11-27 14:10 ` virdzek, roman
2002-11-27 14:16 ` Martin A. Brown
2002-11-27 14:22 ` Martin A. Brown
2002-11-27 16:44 ` virdzek, roman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.