LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 09-11-2014, 09:56 AM   #1
TheGabeMan
LQ Newbie
 
Registered: Oct 2012
Posts: 6

Rep: Reputation: Disabled
Multiple IPs on same nic AND routing


Hi
I have a VM running CentOS 6.5. It needs to have two IP addresses in the same subnet. Configuring the two IP addresses is no problem, but being able to ping them both from a different subnet is. I think I know what is going wrong. When a packet for 192.168.1.1 on eth0 comes in, it will also leave on eth0 because of the default gateway. But when a packet comes in on 192.168.1.2 on eth1, it will leave over eth0. So the client that was pinging 192.168.1.2 will receive a reply from a different Mac address and will deny it.

Is my assumption correct? Is there a way to make this possible? Should I do this with 1 nic and multiple IPs or two nic with one IP each?

Gabrie
 
Old 09-11-2014, 10:13 AM   #2
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6 / 7
Posts: 3,505

Rep: Reputation: 1572Reputation: 1572Reputation: 1572Reputation: 1572Reputation: 1572Reputation: 1572Reputation: 1572Reputation: 1572Reputation: 1572Reputation: 1572Reputation: 1572
Unless you have a compelling reason the best way of doing this is to use 1 NIC and have both IP addresses presented on it.
 
Old 09-11-2014, 10:45 AM   #3
TheGabeMan
LQ Newbie
 
Registered: Oct 2012
Posts: 6

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by TenTenths View Post
Unless you have a compelling reason the best way of doing this is to use 1 NIC and have both IP addresses presented on it.
Even with 1 nic (eth0 and eth0:0) I didn't get a reply on the eth0:0 interface. Or maybe routing / default gateway is set incorrectly. Would you have a good guide for that? Especially gw / routing settings?
 
Old 09-11-2014, 12:47 PM   #4
sgrlscz
Member
 
Registered: Aug 2008
Posts: 123

Rep: Reputation: 84
CentOS/RHEL 6 defaults to strict reverse path filtering. With that setting, the system checks whether the source address of the received packet is reachable through the interface it came in on. If it isn't, then the packet is dropped.

You can change to loose reverse path filtering, which will check if the source address is reachable on any of the interfaces. If so, the packet is accepted. This is the setting recommended for asymmetric routing.

To change temporarily, do:

Code:
# echo 2 > /proc/sys/net/ipv4/conf/default/rp_filter
# echo 2 > /proc/sys/net/ipv4/conf/all/rp_filter
For a permanent change, edit the /etc/sysctl.conf and change the net.ipv4.conf.default.rp_filter setting to 2.

There is an article about the settings at https://access.redhat.com/solutions/53031. You can also find other articles by searching for "centos rp_filter".
 
Old 09-11-2014, 01:19 PM   #5
TheGabeMan
LQ Newbie
 
Registered: Oct 2012
Posts: 6

Original Poster
Rep: Reputation: Disabled
Thank you, going to play with that. Found a VMware KB article about it, but it was suggesting to set it to 0. So maybe that info is not correct. Will follow your guidelines. Thx !
 
Old 09-11-2014, 01:28 PM   #6
sgrlscz
Member
 
Registered: Aug 2008
Posts: 123

Rep: Reputation: 84
The advantage of 2 is that it provides better protection from IP spoofing than turning it off completely. Also, 2 gives you the same behavior as the default in CentOS/RHEL 5.
 
Old 09-11-2014, 03:30 PM   #7
TheGabeMan
LQ Newbie
 
Registered: Oct 2012
Posts: 6

Original Poster
Rep: Reputation: Disabled
Very strange.... I tried the rp_filter settings and noticed I had no default route. After adding:
route add -net default gw 192.168.1.254 dev eth0

It worked. So I rebooted the system to see if it would work without the rp_filter. After the system rebooted it was unpingable and after adding the default route now suddenly both were pingable. Strange thing is that I have set a default gateway in /etc/sysconfig/network:
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=vascel01.xxxxxx.lan
GATEWAY=192.168.1.254

I have no clue why this doesn't stick after a reboot. I have no gateway set in the ifcfg-eth0 / ifcfg-eth0:0.

Created /etc/sysconfig/network-scripts/route-eth0:
192.168.1.0/24 via 192.168.1.1 dev eth0
default 192.168.1.254 dev eth0


But that doesn't seem to stick either....
 
Old 09-12-2014, 01:49 AM   #8
GaWdLy
Member
 
Registered: Feb 2013
Location: San Jose, CA
Distribution: RHEL/CentOS/Fedora
Posts: 457

Rep: Reputation: Disabled
Route add is not permanent. Neither is IP route add.

As you pointed out, /etc/sysconfig/network-scripts/route-ifname is the correct place for static routes. What do you mean it's not sticking after a reboot? That file is static, so what you put in there stays in there.
 
Old 09-12-2014, 06:19 AM   #9
sgrlscz
Member
 
Registered: Aug 2008
Posts: 123

Rep: Reputation: 84
Do you have the Network Manager installed? That will wreak havoc with network configuration.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables, multiple IPs and routing mbgd Linux - Networking 2 09-15-2012 05:52 AM
Using two NIC with private & public IPs - Routing issue occurs Udhayakrishnan Linux - Networking 14 09-10-2009 07:35 AM
Multiple ips/gateways one NIC - Routing gsaminath Linux - Newbie 4 05-27-2009 02:28 AM
routing multiple ips - help me! linuxxed Linux - Networking 1 02-13-2004 07:31 AM
multiple IPs, one nic v4lu3s Linux - Networking 4 02-07-2004 10:52 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:08 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration