Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
12-14-2005, 08:49 PM
|
#1
|
|
Member
Registered: Dec 2005
Location: NY, USA
Distribution: Ubuntu
Posts: 44
Rep: 
|
Debian Woody weird network issue w/2 NIC
First off, I want to point out that I am pretty new to linux.. I can find my way around but some specifics are a little blurry. Now, with that said, onto the problem. I recently migrated my Windows gameserver over to Debian linux, since a test run of it ran MUCH better than Windows. After getting everything setup, it seemed to be running pretty well. Recently I've been noticing some weird lag issues, but didn't get to look into the server as much as I would have liked. While I was checking into another problem, I noticed something strange in ifconfig:
Code:
eth0 Link encap:Ethernet HWaddr xxx
inet addr:xxx Bcast:xxx Mask:255.255.255.128
inet6 addr: xxx/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2428157 errors:0 dropped:0 overruns:242 frame:0
TX packets:2629440 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:237436666 (226.4 MiB) TX bytes:398740965 (380.2 MiB)
Interrupt:177 Base address:0xc000
eth1 Link encap:Ethernet HWaddr xxx
inet addr:xxx Bcast:xxx Mask:255.255.255.128
inet6 addr: xxx/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8851 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1089968 (1.0 MiB) TX bytes:1062 (1.0 KiB)
Interrupt:185 Base address:0xc400
Albeit this is just after a server restart, you can still catch the drift of the problem: receiving traffic is fine (the gameservers get all the traffic incoming onto the correct IP's) but outgoing traffic is ALL going through eth0! I uninstalled firestarter and tried to flush the iptables, but that did nothing. I looked around at several different iptables scripts, but they were almost all directed at NAT or masquerading, as this seems to be a common issue. But I have two cards, no NAT at all. I just want to allow a few ports to both cards and have them transmit on their respective cards! Can anyone help me out on this? I'm really quite stumped at this point as to why it's transmitting only on eth0.
Last edited by TBKDan; 12-14-2005 at 09:16 PM.
|
|
|
|
|
12-15-2005, 04:10 AM
|
#2
|
|
Member
Registered: Oct 2003
Location: Bath UK
Distribution: RedHat 7,9 RHEL 2.1-4 Suse 9.1, 9.2, Ubuntu, Centos 3-4, Fedora 3-5
Posts: 44
Rep:
|
Hi TBKDan,
can you dump your routing table (try route -n at the command line)
Dylan
|
|
|
|
|
12-15-2005, 08:15 AM
|
#3
|
|
Member
Registered: Dec 2005
Location: NY, USA
Distribution: Ubuntu
Posts: 44
Original Poster
Rep:
|
Code:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
129.21.112.0 0.0.0.0 255.255.255.128 U 0 0 0 eth0
129.21.112.0 0.0.0.0 255.255.255.128 U 0 0 0 eth1
129.21.112.0 0.0.0.0 255.255.255.128 U 0 0 0 eth2
0.0.0.0 129.21.112.126 0.0.0.0 UG 0 0 0 eth0
*yawns and then runs to take a shower to make class* |
|
|
|
|
12-15-2005, 08:23 AM
|
#4
|
|
Member
Registered: Oct 2003
Location: Bath UK
Distribution: RedHat 7,9 RHEL 2.1-4 Suse 9.1, 9.2, Ubuntu, Centos 3-4, Fedora 3-5
Posts: 44
Rep:
|
Hi TBKDan,
The routing table tells me that your default route is out through eth0 via the gateway 129.21.112.126.
This means that all traffic not for the local network will be sent out through eth0, regardless of which interface it came in on, unless you can find a way to bind a process to a specific interface.
It also looks to me like all three of your network interfaces are on the same network - is there any reason for this?
Dylan
|
|
|
|
|
12-15-2005, 08:35 AM
|
#5
|
|
Member
Registered: Dec 2005
Location: NY, USA
Distribution: Ubuntu
Posts: 44
Original Poster
Rep:
|
Yeah, I was just looking at it now that I woke up and saw that it was all going through eth0. I'm on a college network and the more network cards, the more bandwidth  Is there any way I can get it to receive and send on their respective interfaces? |
|
|
|
|
12-15-2005, 08:48 AM
|
#6
|
|
Member
Registered: Oct 2003
Location: Bath UK
Distribution: RedHat 7,9 RHEL 2.1-4 Suse 9.1, 9.2, Ubuntu, Centos 3-4, Fedora 3-5
Posts: 44
Rep:
|
Am I right in thinking you're in college accomodation, and you've plugged all three network interfaces into an ethernet switch that is plugged into a single wall port for the college network? Or do you have multiple wall ports in your room?
If the former is the case then the bandwidth will be limited to that supplied to the wall port (I'd estimate that at 100Mb/s).
Also worth knowing is the speed of the backbone in the switch (if you have one), and what is the speed of the link that the college supplies to your building?
Usually the way to achieve more bandwidth is to bond (or aggregate) multiple interfaces together - but that has to be done at both ends, and I doubt the IT staff at the college will agree to bonding, or even if your network cards will support it! (usually an advanced feature).
Also worth asking is - can your pc handle the bandwidth? A lot of machines don't utilise all the bandwidth simply because either the server or client of the ethernet link is slower than the network.
Have you checked your network traffic to see if you're even using what you've got? Try running MRTG or Cacti and look at the graphs to see how busy your network interfaces are.
If you've got a 100-Base-Tx card then that is usually enough for all but the most powerful servers.
Saying all that, there may be a project for load balancing network traffic available for linux - try freshmeat or sourceforge.
HTH
Dylan
|
|
|
|
|
12-15-2005, 09:10 AM
|
#7
|
|
Member
Registered: Dec 2005
Location: NY, USA
Distribution: Ubuntu
Posts: 44
Original Poster
Rep:
|
My college, although it has assloads of bandwidth, only gives roughly 100kb/s per IP, hence why I have the multiple NIC. I'm nowhere near the card nor switches capacity (12 port into one wall jack), but I'm probably pushing the limit that the school allows me I need to get out of the residence halls... WiFi and other places I've uploaded at 3mb/s lol. But that's why I have so many NIC though. Mainly two are used at this time, used to be more but I changed things around. |
|
|
|
|
12-15-2005, 10:59 AM
|
#8
|
|
Member
Registered: Dec 2005
Location: NY, USA
Distribution: Ubuntu
Posts: 44
Original Poster
Rep:
|
Ok, I understand what is happening (the traffic is coming in on the right addresses, but it is leaving through one because route tells it to. And the fact that they are both connected to the same gateway is probably going to be a bitch So.. are there any ways to tell route to route it so that, say if it came in on eth1 it will leave on eth1? |
|
|
|
|
12-15-2005, 02:00 PM
|
#9
|
|
Member
Registered: Dec 2005
Location: NY, USA
Distribution: Ubuntu
Posts: 44
Original Poster
Rep:
|
Maybe this would be better off being moved to the Networking section? I started out thinking that it was going to be a firewall/iptables issue, now it seems like routing :P
EDIT: I made a new topic in the networking section so it will get the exposure it needs http://www.linuxquestions.org/questi...60#post2001160 Thanks for the help you have given me so far.
Last edited by TBKDan; 12-15-2005 at 04:39 PM.
|
|
|
|
All times are GMT -5. The time now is 05:14 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
