-----Forwarded Message-----> From: Tarek W. <tarek@cyberia.net.lb> > To: lartc@mailman.ds9a.nl > Subject: Re: [LARTC] 2 internal NIC''s in the same network > Date: 26 Nov 2002 09:12:33 -0200 > > > ur deliverance is by way of echo 1 > /proc/sys/net/ipv4/conf/eth{1,2}, > that''s what everybody says...however, this is not the whole story, ur > tryina setup two ips on the same subnet on two separate interfaces... in > simple routing, the first route to match is taken... so the traffic goes > out the first interface regardless of the source ip... u need to look > into source-based routing or "policy routing". read the iproute2 docs. > > On Mon, 2002-11-25 at 11:14, virdzek, roman wrote: > > hi, > > i have two internal nics > > > > at PC1 > > > > eth1 eth2 > > 10.0.0.1 10.0.0.2 > > > > | | > > switch > > | > > pc2 > > eth0 > > 10.0.0.3 > > > > > > > > > > and when I ping from pc2 -> PC1:eth2, > > using tcpdump i see that PC1 > > send reply to (arp who has 10.0.0.2), > > 10.0.0.2 is at .....eth1. > > why PC1 send back not proper HW address? > > how I can force PC1 to say that 10.0.0.2 > > is at eth2? >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Tue, 2002-11-26 at 09:19, Tarek W. wrote:> -----Forwarded Message----- > > > From: Tarek W. <tarek@cyberia.net.lb> > > To: lartc@mailman.ds9a.nl > > Subject: Re: [LARTC] 2 internal NIC''s in the same network > > Date: 26 Nov 2002 09:12:33 -0200 > > > > > > ur deliverance is by way of echo 1 > /proc/sys/net/ipv4/conf/eth{1,2},rather /eth{1,2}/arp_filter> > that''s what everybody says...however, this is not the whole story, ur > > tryina setup two ips on the same subnet on two separate interfaces... in > > simple routing, the first route to match is taken... so the traffic goes > > out the first interface regardless of the source ip... u need to look > > into source-based routing or "policy routing". read the iproute2 docs. > > > > On Mon, 2002-11-25 at 11:14, virdzek, roman wrote: > > > hi, > > > i have two internal nics > > > > > > at PC1 > > > > > > eth1 eth2 > > > 10.0.0.1 10.0.0.2 > > > > > > | | > > > switch > > > | > > > pc2 > > > eth0 > > > 10.0.0.3 > > > > > > > > > > > > > > > and when I ping from pc2 -> PC1:eth2, > > > using tcpdump i see that PC1 > > > send reply to (arp who has 10.0.0.2), > > > 10.0.0.2 is at .....eth1. > > > why PC1 send back not proper HW address? > > > how I can force PC1 to say that 10.0.0.2 > > > is at eth2? > > > > > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
hi, I have set arp_filter to 1 at both eth at PC1. then I ping eth2(10.0.0.2) from pc2 (10.0.0.3) and both eth1 and eth2 answers to arp request from pc2. it seems to be, that arp_filter is not the proper solution for me, i must apply hidden patch from http://www.linux-vs.org/~julian/#hidden as advice to me martin.a.brown. bye>>ur deliverance is by way of echo 1 > /proc/sys/net/ipv4/conf/eth{1,2}, >>that''s what everybody says...however, this is not the whole story, ur >>tryina setup two ips on the same subnet on two separate interfaces... in >>simple routing, the first route to match is taken... so the traffic goes >>out the first interface regardless of the source ip... u need to look >>into source-based routing or "policy routing". read the iproute2 docs. >> >> >> >> >> >>>hi, >>>i have two internal nics >>> >>> at PC1 >>> >>> eth1 eth2 >>>10.0.0.1 10.0.0.2 >>> >>> | | >>> switch >>> | >>> pc2 >>> eth0 >>> 10.0.0.3 >>> >>> >>> >>> >>>and when I ping from pc2 -> PC1:eth2, >>>using tcpdump i see that PC1 >>>send reply to (arp who has 10.0.0.2), >>>10.0.0.2 is at .....eth1. >>>why PC1 send back not proper HW address? >>>how I can force PC1 to say that 10.0.0.2 >>>is at eth2? >>> >>> > > > >_______________________________________________ >LARTC mailing list / LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
here''s my setup on a production server without the hidden patch. and it works: # conf begin [root@slope root]# cat /etc/sysctl.conf | grep arp_filter net.ipv4.conf.default.arp_filter = 1 [root@slope root]# [root@slope root]# ip r s all 192.168.x.0/30 dev eth2 proto static scope link src 192.168.x.1 192.168.y.0/30 dev eth1 proto static scope link src 192.168.y.1 193.227.198.51/29 dev eth4 proto static 172.16.z.0/23 dev eth1 proto static scope link src 172.16.z.2 127.0.0.0/8 dev lo scope link [root@slope root]# [root@slope root]# ip rule s 0: from all lookup local 10000: from 172.16.z.1 lookup ip01 10002: from 172.16.z.3 lookup ip03 32766: from all lookup main 32767: from all lookup default [root@slope root]# [root@slope root]# ip r s table ip01 172.16.z.0/23 dev eth0 scope link src 172.16.2.1 [root@slope root]# ip r s table ip03 172.16.z.0/23 dev eth3 scope link src 172.16.2.3 [root@slope root]# #conf end as u can see, I have 3 ips on the same subnet on 3 separate interfaces, after testing, the setup above works perfectly without the hidden patch: [root@carve root]# arp -vn Address HWtype HWaddress Flags Mask Iface172.16.z.3 ether 00:04:76:DE:u:7B C eth0 172.16.z.2 ether 00:04:76:DE:v:EC C eth0 172.16.z.1 ether 00:04:76:DE:w:01 C eth0 Entries: 3 Skipped: 0 Found: 3 [root@carve root]# On Wed, 2002-11-27 at 09:54, virdzek, roman wrote:> hi, > I have set arp_filter to 1 at both eth at PC1. > then I ping eth2(10.0.0.2) from pc2 (10.0.0.3) > and both eth1 and eth2 answers to arp request > from pc2. > > it seems to be, that arp_filter is not the proper solution for me, > i must apply hidden patch from > > http://www.linux-vs.org/~julian/#hidden > > as advice to me martin.a.brown. > > bye > > >>ur deliverance is by way of echo 1 > /proc/sys/net/ipv4/conf/eth{1,2}, > >>that''s what everybody says...however, this is not the whole story, ur > >>tryina setup two ips on the same subnet on two separate interfaces... in > >>simple routing, the first route to match is taken... so the traffic goes > >>out the first interface regardless of the source ip... u need to look > >>into source-based routing or "policy routing". read the iproute2 docs. > >> > >> > >> > >> > >> > >>>hi, > >>>i have two internal nics > >>> > >>> at PC1 > >>> > >>> eth1 eth2 > >>>10.0.0.1 10.0.0.2 > >>> > >>> | | > >>> switch > >>> | > >>> pc2 > >>> eth0 > >>> 10.0.0.3 > >>> > >>> > >>> > >>> > >>>and when I ping from pc2 -> PC1:eth2, > >>>using tcpdump i see that PC1 > >>>send reply to (arp who has 10.0.0.2), > >>>10.0.0.2 is at .....eth1. > >>>why PC1 send back not proper HW address? > >>>how I can force PC1 to say that 10.0.0.2 > >>>is at eth2? > >>> > >>> > > > > > > > >_______________________________________________ > >LARTC mailing list / LARTC@mailman.ds9a.nl > >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > > > > > > > > > > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/