[i''m not clearly a network guru, but i''ve some knowledge... anyway i think i''ve arrived to my ``end point'''' here. Probably i''ve also done some big mistake, so please sorry me.] I''ve setup in a local branch of my office two servers, say radagast (10.27.1.2) and olorin (10.27.1.3). They share the same UPS and the same place, sitting at roughly 20 centimeters each other. Network devices are in another room, not UPSes, and so if there''s a power loss, radagast compain about that UPS desappear. Also this two servers share a samba domain, and the syncronize each other (LDAP, some folders, some other nfs-mounted, ...). So i''ve thinked to simply put a gigabit ethernet on each of the two server and link them together with a simple switched cable. Note that: i''m not interested in bonding nor in some sort of ``failover'''' configuration , only to link together them. The first, for me, simple solution was to fire up the interfaces with the same IP and list an explicit link, so: on radagast (10.27.1.2 on eth0): ifconfig eth1 10.27.1.2 netmask 255.255.255.255 up route add -host 10.27.1.3 eth1 on olorin (10.27.1.3 on eth0) ifconfig eth1 10.27.1.3 netmask 255.255.255.255 up route add -host 10.27.1.2 eth1 and with this simple solution all seems works. Seems. After some ``hot calls'''' i discovered that simply some services (i tested squid and the openldap server) does not communicate anymore; digging with tcpdump arise the problem: olorin acces the squid proxy on radagast via the eth1 interfaces, but reply on eth0, so olorin kernel drop the packet (i''ve not enabled log_martian, but i think was interesting ;). As try_out solution, i''ve enabled arp_proxy on eth0 and ip_forwarding, resulting in a working envirionment, but resulting also in packets directing to olorin that pass thru radagast and vice versa; also, a solution similar to this tempted in another place got some very big panic, probably an ``arp storm'''' or something like this caused by the apt_proxy (older, less ``intelligent'''' switches?). Clearly this is not the solution. ;) Ok, but, what *is* the solution? ;) There''s no way to do whan i need, at least not assigning the same IPs to both interfaces? I have to simply disable the rp_filtering? Or setup some ip rule/ip route scripts to route explicitly (but how? The only example have different source IP, not the same source IP...) Please, help me. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'''' http://www.sv.lnf.it/ Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)sv.lnf.it tel +39-0434-842711 fax +39-0434-842797
On 9/25/06, Marco Gaiarin <xxx@xxxx.xxx> wrote:> > > [i''m not clearly a network guru, but i''ve some knowledge... anyway i > think i''ve arrived to my ``end point'''' here. Probably i''ve also done > some big mistake, so please sorry me.] > > > I''ve setup in a local branch of my office two servers, say radagast > (10.27.1.2) and olorin (10.27.1.3). They share the same UPS and the > same place, sitting at roughly 20 centimeters each other. > Network devices are in another room, not UPSes, and so if there''s a > power loss, radagast compain about that UPS desappear. > Also this two servers share a samba domain, and the syncronize each > other (LDAP, some folders, some other nfs-mounted, ...). > > > So i''ve thinked to simply put a gigabit ethernet on each of the two > server and link them together with a simple switched cable. > Note that: i''m not interested in bonding nor in some sort of > ``failover'''' configuration , only to link together them. > > The first, for me, simple solution was to fire up the interfaces with > the same IP and list an explicit link, so: > > on radagast (10.27.1.2 on eth0): > ifconfig eth1 10.27.1.2 netmask 255.255.255.255 up > route add -host 10.27.1.3 eth1 > > on olorin (10.27.1.3 on eth0) > ifconfig eth1 10.27.1.3 netmask 255.255.255.255 up > route add -host 10.27.1.2 eth1 > > and with this simple solution all seems works. Seems. > After some ``hot calls'''' i discovered that simply some services (i > tested squid and the openldap server) does not communicate > anymore; digging with tcpdump arise the problem: olorin acces the squid > proxy on radagast via the eth1 interfaces, but reply on eth0, so olorin > kernel drop the packet (i''ve not enabled log_martian, but i think was > interesting ;).Hi, Did you try using ip from iproute tools, which is a much more advanced tool than ifconfig and route? I think your problem is at the link layer and may have to do with ARP resolution. Check the neighbour object from ip command. With this you can bind an ip address to a MAC address which I think is your problem: some times the ARP resolution that your hosts perform results in different MAC addresses. In any case I must tell I don''t like this workaround. It makes no sense, to be honest. Having a host with two nics whith the same IP seems a horrible setup to me. Why don''t you use a different network for the link between these two hosts? Why do you need this link? You wouldn''t have routing nor ARP resolution problems. For your words I think you only want a direct link between this two hosts. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc