2 Nics, 2 IPs, 2 Routers, 1 Computer

I am running Tomcat and Apache on one Linux (2.4.22) computer.

Inventory/Assumptions
-----------------------------
one modem
two routers
one computer

abc.com ip = 111.111.111.111
xyz.com ip = 222.222.222.222

router1 lan ip = 192.168.0.1 (wan ip = 111.111.111.111 = abc.com)
router2 lan ip = 10.10.0.1 (wan ip = 222.222.222.222 = xyz.com)

eth0 ip = 192.168.0.3
eth1 ip = 10.10.0.3

abc.com -> [modem1] -> [router1] -> [computer1] -> [port 8080] -> Tomcat
xyz.com -> [modem1] -> [router2] -> [computer1] -> [port 80] -> Apache

Problem
-----------
Depending on which router I have defined as the default gateway (via the route command), only that gateway's traffic is accepted by the computer.

Example:
# route add default gw 192.168.0.1
The computer only accepts connections via abc.com (111.111.111.111)
Likewise:
# route add default gw 10.10.0.1
The computer only accepts connections via xyz.com (222.222.222.222)

Question
-----------
Can I get my computer to accept connections from both nics for their incoming connections (via their respective paths) at the same time?

Regards...

Check:

http://www.cs.helsinki.fi/linux/linu...2-16/0676.html

http://www.experts-exchange.com/Secu..._20578975.html

If those don't answer your questions, try this link:

http://www.google.com/search?q=allow...&start=20&sa=N

Actually whats happening is the connection is being accepted from both NICs... the problem is your box sends out the response via the default GW.

so it goes like this:
->some.other.box.com tries to open a connection with you
->inbound traffic on 111.111.111.111
<-computer sees that and sends an ack. that the packet was received (assuming tcp)
<-since 111.111.111.111 is the default GW all is good in the world
->some.other.box.com gets your ack from 111.111.111.111 as expected
->continues with transmission normally

On the other hand, lets say you're now trying to accept traffic from your other NIC:
->random.box.com tries to open a connection with you
->inbound traffic on 222.222.222.222
<-computer sees that and sends an ack. that the packet was received (assuming tcp)
<-since your computer doesn't know how to reach random.box.com exactly it responds over your default GW
->random.box.com gets an ack back from 111.111.111.111 and doesn't know what to do with it as its trying to open communications with 222.222.222.222.
-- packet is dropped and connection isn't made.

vi0lat0r:
Thanks for the links. One of the links has this tidbit of info (which I thought would solve my problem).
"This takes care of incoming connections, the traffic should go to the
right NIC and be sent back through the right NIC. To balance outgoing
connections you can try this instead of defining a default route:
route add -net 0.0.0.0 netmask 0.0.0.1 dev eth0
route add -net 0.0.0.1 netmask 0.0.0.1 dev eth1"

Route complains that the netmask of 0.0.0.1 is 'bogus'

-----------------------------------------------------------------------

tr4nsfix:
Thanks for the info. What you said makes sense. I've tried defining two default gateways, but it looks like only one of them is the 'real' default (fifo?). Anyway, do you know how I can solve this problem? ipchains, iptables, etc?

Sadly, while I've seen a lot of people attempt to do this, I've never seen a resolution to the problem. The only thing that comes close is called Bonded Ethernet, but thats not quite what you're looking for either...

I'll keep an eye out though and let you know if I find anything. Please do make a post here if you some up with something that works also.

I am not sure what that message in that first link where......

route add -net 0.0.0.0 netmask 0.0.0.1 dev eth0
route add -net 0.0.0.1 netmask 0.0.0.1 dev eth1"

comes from is trying to describe. it may be something specific in a certain situation, or i didn't read it closely enough, so i won't say that it is wrong. But, when you write route add -net 0.0.0.0 netmask 0.0.0.1 i think that it should be route add -net 0.0.0.0 netmask 0.0.0.0 dev eth0

the network 0.0.0.0 0.0.0.0 is a reserved network, similar to the way the private addresses are reserved in that they are used to represent all networks which are not specifically expressed in the routing table, and in a sense is used to specify a default gateway. if you were to issue the command route -n it will show you the routing table of your computer and you will see that the destination 0.0.0.0 points to your default gateway address. using the route commands you can manually alter your routing table.

the question now becomes if the computer is always being accessed from the same network or if its being accessed from computers on the internet and you would not know their addresses?

because if you network is devided into the 3 segments described, network with router interface 1.1.1.1, segment with the computer on network 192.168.0.0 and 10.10.0.0 and segment with router interface ip 2.2.2.2 what you could do is specify static routes to the 1.1.1.0 ? and 2.2.2.0 ? networks.

so you would say for example
route add -net 1.1.1.0 netmask 255.255.255.0 eth0
route add -net 2.2.2.0 netmask 255.255.255.0 eth1
route add -net 0.0.0.0 netmask 0.0.0.0 eth0
route add -net 0.0.0.0 netmask 0.0.0.0 eth1

now you have 2 default routes and have associated one network to one default route and the other network to the other default route. now you can add the 2 default GW' and hopefully it will work....

or you can just try
route add -net 0.0.0.0 netmask 0.0.0.0 eth0
route add -net 0.0.0.0 netmask 0.0.0.0 eth1

play around with these configurations. the answer i think lies in routing table entries. maybe you can also play with nat somehow.

the error to the command in the info from the "link"would be from having put in 0.0.0.1 instead of 0.0.0.0 and that alone might work. i have not tested these configs myself yet, but for this to work and have the two default 0.0.0.0 routes in place the computer would need to send out the response out the interface it recieved the request from. again i am thinking that if that is how the computer behaves it will work. and again i am just offering ideas, i haven't gone to try it out yet. also you can maybe pull out your trusty ethereal protocol anylyzer, and really see what your computer is doing, what traffic is acctually on your netowrk and how the computer is interacting with the routers.

hope something here works for you.

Quote:

Originally posted by bozeman vi0lat0r: Thanks for the links. One of the links has this tidbit of info (which I thought would solve my problem). "This takes care of incoming connections, the traffic should go to the right NIC and be sent back through the right NIC. To balance outgoing connections you can try this instead of defining a default route: route add -net 0.0.0.0 netmask 0.0.0.1 dev eth0 route add -net 0.0.0.1 netmask 0.0.0.1 dev eth1" Route complains that the netmask of 0.0.0.1 is 'bogus' ----------------------------------------------------------------------- tr4nsfix: Thanks for the info. What you said makes sense. I've tried defining two default gateways, but it looks like only one of them is the 'real' default (fifo?). Anyway, do you know how I can solve this problem? ipchains, iptables, etc?

captainp... Thanks for the info. I will give it a try...