On Thu, Oct 21, 2010 at 3:32 PM, Grant Taylor <gtaylor@xxxxxxxxxxxxxxxxx> wrote: > On 10/21/10 11:42, Mateus Caruccio wrote: >> >> In the end, we came with a very simple solution (no iptables/ip needed): >> >> # ifconfig eth1 PROD_SRV_IP netmask PROD_SRV_NETMASK promisc -arp hw >> ether PROD_SRV_HWADDR up > > That looks like you bound it to eth1 when you were talking about eth0 > before. > > Are you using eth0 at all? Or does the box have two nics (0 & 1) in the > same subnet? > Sorry for that :P In fact eth0 is attached to port mirror, while eth1 is being used to management (this is the network we use for everyday work). So, where you read "ifconfig eth1..." it is actually "ifconfig eth0...". >> That is it ! > > Simple solutions are nice. Agree. Less is more. > >> All traffic targeted to PROD_SRV_IP is now being accepted by our mirrored >> eth1. Since this is an interface aimed to tests only, no matter what's being >> accepted. > > Ok. > > Are you accessing (for management) the dev server across the network at all? Yes, through eth1. > Or is everything done on console? > >> Thanks Jan and Grant for your suggestions and explanations. That worths a >> lot! > > You are welcome. I'm glad that you got things working, especially as simple > as you did. > > > > Grant. . . . > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- # ################ VOTE NULO ################ # Mateus de Oliveira Caruccio <mateus at caruccio dot com> # Old programmers never die. They just branch to another namespace -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
