Re: first of the two IPs reachable only if second interface is down??
Hi Edward

but now, if I do - ip route show
I see: (change IPs for our purposes here)

10.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.2
public_net/24 dev eth0 proto kernel scope link src "public_IP_of_the_box"
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.0.0/16 dev eth1 scope link metric 1003
default via "public_IP_of_the_box" dev eth0
default via "private_IP_of_the_box" dev eth1 metric 1

isn't this already ok?
both IPs get set up by dhcpd by another admin, the only setting by me is the metric, 0 for public interface and 1 for private.
now I'll apply your instructions and let you know if there are any changes
I believe that if an "a_client" on the private network (the same network the box operates on with its 'private interface'; other computers on the private network), which has the same gateway set as "the_box", needs to reach the 'public interface' of 'the_box', then the local gateway and other routers outside should take care of routing the traffic, and 'the_box' should not need any special configs. And if I remember correctly it all used to work some long time ago, like:
a_client (10.0.0.100) <--> (10.0.0.1) router <---> (public IP) the_BOX (10.0.0.101) .. the rest of the stack
many! thanks for your help Edward

On 21/06/12 12:34, Edward Murphy wrote:
Hi,

What you'll find, if I'm reading this right, is that packets are coming in via your public interface and out the private one. The requesting host simply discards the packet.

Solution: use iproute2 to have 2 network tables for the system, independent of each other.

Firstly, please forgive syntax errors here as I'm doing this from memory.

Edit /etc/iproute2/rt_tables and add 2 lines:

    200 external
    201 internal

Note the names are irrelevant. Reboot the system. Now, in your init scripts for network, set up the interface. Let's say your private interface is 10.0.0.2/24

    ip route add 10.0.0.0/24 dev eth0 src 10.0.0.2 table internal
    ip route add default via 10.0.0.1 src 10.0.0.2 table internal
    ip rule add from 10.0.0.2 table internal

By doing this you are firstly setting up the routing table, and then pushing any data that has a source of your internal interface (replies to packets mostly) to use this routing table.

Do the same for your public interface but specify the public network card, and the routing table external.

Kind regards
Edward Murphy

----- Reply message -----
From: "lejeczek" <peljasz@xxxxxxxxxxx>
Date: Thu, Jun 21, 2012 01:08
Subject: first of the two IPs reachable only if second interface is down??
To: <lartc@xxxxxxxxxxxxxxx>

hello everybody
apologies if this may feel off the topic, I was hoping some net experts could shed some light on some peculiar symptoms I experience
I would very! much appreciate any help

a BOX that has two net interfaces, a public and private one, both configured via dhcp by net admin
public IP is reachable from/via the Internet/public network just fine, but at the same time the same public IP is NOT reachable from within PRIV network, the same network the BOX's second interface is on
default gateway for the PRIV subnet is a separate another system, BOX uses PRIV gateway as the default one (but have tried the public gateway too)
arpinging both IPs from PRIV gives me the same one MAC of BOX private net interface
public IP becomes reachable to PRIV subnet immediately after second(private) interface was turned down
we have no control over the whole network stack but know that PUBLIC IP connection goes via unmanaged switches to the gateway
is it the BOX or the network stack somewhere?
unmanaged switches should not cache any ARP, also, how come that it gets corrected (public becomes available to PRIV) only if I turn PRIV interface down??
box is SL 6.1, firewall is off, ip_forward=0
this is the most peculiar problem of this nature I've ever experienced
the goal is simple, have other systems on the same private subnet as the BOX's second interface to be able to talk to the BOX's public IP
obviously not routed via BOX's private address, this workaround solves the problem, but routing via PRIV's gateway
many thanks
-- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
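
Added example (not part of the original messages and not code from either poster): a small Python model of the Linux rule-then-table route lookup, showing why a reply sent from the public IP leaves through the private interface when only the main table exists, and how the per-source rules described in the thread change that. The addresses, the eth0 = public / eth1 = private layout and the rule priorities are assumptions made for illustration.

```python
import ipaddress

# Constructed addresses (documentation ranges); eth0 = public, eth1 = private.
PUBLIC_IP, PRIVATE_IP, CLIENT = "203.0.113.10", "10.0.0.2", "10.0.0.100"

# Each route: (destination prefix, output device, next hop or None if on-link).
TABLES = {
    "main": [("10.0.0.0/24", "eth1", None),
             ("203.0.113.0/24", "eth0", None),
             ("0.0.0.0/0", "eth0", "203.0.113.1")],
    "external": [("203.0.113.0/24", "eth0", None),
                 ("0.0.0.0/0", "eth0", "203.0.113.1")],
    "internal": [("10.0.0.0/24", "eth1", None),
                 ("0.0.0.0/0", "eth1", "10.0.0.1")],
}

# Each rule: (priority, source selector or None for "from all", table).
RULES_BEFORE = [(32766, None, "main")]
RULES_AFTER = [(1000, PUBLIC_IP + "/32", "external"),
               (1001, PRIVATE_IP + "/32", "internal"),
               (32766, None, "main")]

def lookup(rules, src, dst):
    """Pick (device, next hop) for a packet from local address src to dst.

    Rules are walked in priority order; the first rule whose selector matches
    src and whose table holds a route to dst wins (longest prefix in table).
    """
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(rules, key=lambda r: r[0]):
        if selector is not None and src not in ipaddress.ip_network(selector):
            continue
        hits = [r for r in TABLES[table] if dst in ipaddress.ip_network(r[0])]
        if hits:
            _, dev, via = max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
            return dev, via
    return None  # no rule produced a route: destination unreachable

if __name__ == "__main__":
    # The client's request reached PUBLIC_IP on eth0 via the private gateway.
    print("reply, main table only :", lookup(RULES_BEFORE, PUBLIC_IP, CLIENT))
    print("reply, with ip rules   :", lookup(RULES_AFTER, PUBLIC_IP, CLIENT))
    print("private IP to Internet :", lookup(RULES_AFTER, PRIVATE_IP, "198.51.100.7"))
```

With only the main table the reply takes the on-link 10.0.0.0/24 route out of eth1, so it leaves on a different interface than the request arrived on; with the source rules it goes back out of eth0 through the public gateway.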