Re: Two NICS with same IP and same client IP

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Tom Eastep <teastep@shorewall.net>
Cc: netfilter@lists.netfilter.org
Subject: Re: Two NICS with same IP and same client IP
Date: Wed, 02 Feb 2005 08:22:24 -0800	[thread overview]
Message-ID: <4200FE40.8070509@shorewall.net> (raw)
In-Reply-To: <4200A1F3.8030609@imag.fr>

Raphael Jacquot wrote:
> Hervé wrote:
> 
>> Hello,
>>
>> I have a weird setup I would like to make work: I have two identical
>> subnets connected to one machine via two different NICs, like this:
>>
>> Server             |         | Client 1
>> eth0:192.168.100.1 |---------| 192.168.100.2
>>                    |                              | Client 2
>> eth1:192.168.100.1 |------------------------------| 192.168.100.2
> 
> 
> having 2 interfaces on the same box with the same IP address
> 
> repeat after me :
> 
> WILL NOT WORK

Having two interfaces with the same IP address and netmask doesn't work
well. Having the same IP address with different netmasks can be useful.

From my firewall:

gateway:/usr/src/linux-2.6.10/net/ipv4/netfilter# ip addr ls
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:a0:cc:db:31:c4 brd ff:ff:ff:ff:ff:ff
    inet 206.124.146.176/32 scope global eth0
    inet6 fe80::2a0:ccff:fedb:31c4/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc htb qlen 1000
    link/ether 00:02:e3:08:55:fa brd ff:ff:ff:ff:ff:ff
    inet 206.124.146.176/24 brd 206.124.146.255 scope global eth1
    inet 206.124.146.178/24 brd 206.124.146.255 scope global secondary
eth1:0
    inet 206.124.146.180/24 brd 206.124.146.255 scope global secondary
eth1:1
    inet6 fe80::202:e3ff:fe08:55fa/64 scope link
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:08:c7:c0:e2:15 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.254/24 brd 192.168.1.255 scope global eth2
    inet6 fe80::208:c7ff:fec0:e215/64 scope link
       valid_lft forever preferred_lft forever
5: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
gateway:/usr/src/linux-2.6.10/net/ipv4/netfilter#

Note Interfaces eth0 and eth1 -- both have IP address 206.124.146.176.

eth0 interfaces to my DMZ where there is a single server
(206.124.146.177) using Proxy ARP.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

next prev parent reply	other threads:[~2005-02-02 16:22 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-02-02  9:35 Two NICS with same IP and same client IP Hervé
2005-02-02  9:48 ` Raphael Jacquot
     [not found]   ` <5172.57.66.65.39.1107338261.squirrel@57.66.65.39>
2005-02-02 10:28     ` Raphael Jacquot
2005-02-02 14:12       ` Jason Opperisano
2005-02-02 14:32         ` Hervé
2005-02-02 14:41           ` Jason Opperisano
2005-02-02 16:53             ` Hervé
2005-02-02 14:44           ` Raphael Jacquot
2005-02-02 16:40             ` Hervé
2005-02-02 16:22   ` Tom Eastep [this message]
2005-02-02 20:56 ` Jason Opperisano
  -- strict thread matches above, loose matches on Subject: below --
2005-02-02 16:26 Hudson Delbert J Contr 61 CS/SCBN
2005-02-02 16:49 ` Tom Eastep
2005-02-02 16:47 Gary W. Smith
2005-02-02 16:51 ` Raphael Jacquot
     [not found] ` <27594E8BA9D5CA458F5EF87D88B6B48F019948@pxtvjoexd01.pxt.primeexalia.co m>
2005-02-02 16:57   ` Hervé
2005-02-02 16:57   ` Hervé
     [not found] ` <18348031.1107363459685.JavaMail.rct@kale>
2005-02-02 18:41   ` Bob Tellefson
2005-02-02 20:47     ` Hervé
2005-02-02 22:22 Hudson Delbert J Contr 61 CS/SCBN
2005-02-02 22:29 ` Jason Opperisano

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4200FE40.8070509@shorewall.net \
    --to=teastep@shorewall.net \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox