tom, why ? to what end, this topology ? please enlightenment as to the value added ? v/r, ~piranha -----Original Message----- From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx]On Behalf Of Tom Eastep Sent: Wednesday, February 02, 2005 8:22 AM Cc: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Re: Two NICS with same IP and same client IP Raphael Jacquot wrote: > Hervé wrote: > >> Hello, >> >> I have a weird setup I would like to make work: I have two identical >> subnets connected to one machine via two different NICs, like this: >> >> Server | | Client 1 >> eth0:192.168.100.1 |---------| 192.168.100.2 >> | | Client 2 >> eth1:192.168.100.1 |------------------------------| 192.168.100.2 > > > having 2 interfaces on the same box with the same IP address > > repeat after me : > > WILL NOT WORK Having two interfaces with the same IP address and netmask doesn't work well. Having the same IP address with different netmasks can be useful. >From my firewall: gateway:/usr/src/linux-2.6.10/net/ipv4/netfilter# ip addr ls 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:a0:cc:db:31:c4 brd ff:ff:ff:ff:ff:ff inet 206.124.146.176/32 scope global eth0 inet6 fe80::2a0:ccff:fedb:31c4/64 scope link valid_lft forever preferred_lft forever 3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc htb qlen 1000 link/ether 00:02:e3:08:55:fa brd ff:ff:ff:ff:ff:ff inet 206.124.146.176/24 brd 206.124.146.255 scope global eth1 inet 206.124.146.178/24 brd 206.124.146.255 scope global secondary eth1:0 inet 206.124.146.180/24 brd 206.124.146.255 scope global secondary eth1:1 inet6 fe80::202:e3ff:fe08:55fa/64 scope link valid_lft forever preferred_lft forever 4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:08:c7:c0:e2:15 brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth2 inet6 fe80::208:c7ff:fec0:e215/64 scope link valid_lft forever preferred_lft forever 5: sit0: <NOARP> mtu 1480 qdisc noop link/sit 0.0.0.0 brd 0.0.0.0 gateway:/usr/src/linux-2.6.10/net/ipv4/netfilter# Note Interfaces eth0 and eth1 -- both have IP address 206.124.146.176. eth0 interfaces to my DMZ where there is a single server (206.124.146.177) using Proxy ARP. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@xxxxxxxxxxxxx PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
