[i'm not clearly a network guru, but i've some knowledge... anyway i think i've arrived to my ``end point'' here. Probably i've also done some big mistake, so please sorry me.] I've setup in a local branch of my office two servers, say radagast (10.27.1.2) and olorin (10.27.1.3). They share the same UPS and the same place, sitting at roughly 20 centimeters each other. Network devices are in another room, not UPSes, and so if there's a power loss, radagast compain about that UPS desappear. Also this two servers share a samba domain, and the syncronize each other (LDAP, some folders, some other nfs-mounted, ...). So i've thinked to simply put a gigabit ethernet on each of the two server and link them together with a simple switched cable. Note that: i'm not interested in bonding nor in some sort of ``failover'' configuration , only to link together them. The first, for me, simple solution was to fire up the interfaces with the same IP and list an explicit link, so: on radagast (10.27.1.2 on eth0): ifconfig eth1 10.27.1.2 netmask 255.255.255.255 up route add -host 10.27.1.3 eth1 on olorin (10.27.1.3 on eth0) ifconfig eth1 10.27.1.3 netmask 255.255.255.255 up route add -host 10.27.1.2 eth1 and with this simple solution all seems works. Seems. After some ``hot calls'' i discovered that simply some services (i tested squid and the openldap server) does not communicate anymore; digging with tcpdump arise the problem: olorin acces the squid proxy on radagast via the eth1 interfaces, but reply on eth0, so olorin kernel drop the packet (i've not enabled log_martian, but i think was interesting ;). As try_out solution, i've enabled arp_proxy on eth0 and ip_forwarding, resulting in a working envirionment, but resulting also in packets directing to olorin that pass thru radagast and vice versa; also, a solution similar to this tempted in another place got some very big panic, probably an ``arp storm'' or something like this caused by the apt_proxy (older, less ``intelligent'' switches?). Clearly this is not the solution. ;) Ok, but, what *is* the solution? ;) There's no way to do whan i need, at least not assigning the same IPs to both interfaces? I have to simply disable the rp_filtering? Or setup some ip rule/ip route scripts to route explicitly (but how? The only example have different source IP, not the same source IP...) Please, help me. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.sv.lnf.it/ Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)sv.lnf.it tel +39-0434-842711 fax +39-0434-842797 _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
