LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-26-2004, 08:56 PM   #1
bozeman
LQ Newbie
 
Registered: Mar 2004
Location: Orange County, CA
Posts: 3

Rep: Reputation: 0
Question 2 Nics, 2 IPs, 2 Routers, 1 Computer


I am running Tomcat and Apache on one Linux (2.4.22) computer.

Inventory/Assumptions
-----------------------------
one modem
two routers
one computer

abc.com ip = 111.111.111.111
xyz.com ip = 222.222.222.222

router1 lan ip = 192.168.0.1 (wan ip = 111.111.111.111 = abc.com)
router2 lan ip = 10.10.0.1 (wan ip = 222.222.222.222 = xyz.com)

eth0 ip = 192.168.0.3
eth1 ip = 10.10.0.3

abc.com -> [modem1] -> [router1] -> [computer1] -> [port 8080] -> Tomcat
xyz.com -> [modem1] -> [router2] -> [computer1] -> [port 80] -> Apache

Problem
-----------
Depending on which router I have defined as the default gateway (via the route command), only that gateway's traffic is accepted by the computer.

Example:
# route add default gw 192.168.0.1
The computer only accepts connections via abc.com (111.111.111.111)
Likewise:
# route add default gw 10.10.0.1
The computer only accepts connections via xyz.com (222.222.222.222)

Question
-----------
Can I get my computer to accept connections from both nics for their incoming connections (via their respective paths) at the same time?

Regards...
 
Old 03-26-2004, 09:06 PM   #2
vi0lat0r
Member
 
Registered: Aug 2003
Location: Lewisville, TX
Distribution: Kubuntu
Posts: 295

Rep: Reputation: 30
Check:

http://www.cs.helsinki.fi/linux/linu...2-16/0676.html

http://www.experts-exchange.com/Secu..._20578975.html

If those don't answer your questions, try this link:

http://www.google.com/search?q=allow...&start=20&sa=N
 
Old 03-26-2004, 09:35 PM   #3
tr4nsfix
Member
 
Registered: Mar 2004
Location: Toronto, Ontario
Distribution: Debian
Posts: 36

Rep: Reputation: 15
Actually whats happening is the connection is being accepted from both NICs... the problem is your box sends out the response via the default GW.

so it goes like this:
->some.other.box.com tries to open a connection with you
->inbound traffic on 111.111.111.111
<-computer sees that and sends an ack. that the packet was received (assuming tcp)
<-since 111.111.111.111 is the default GW all is good in the world
->some.other.box.com gets your ack from 111.111.111.111 as expected
->continues with transmission normally

On the other hand, lets say you're now trying to accept traffic from your other NIC:
->random.box.com tries to open a connection with you
->inbound traffic on 222.222.222.222
<-computer sees that and sends an ack. that the packet was received (assuming tcp)
<-since your computer doesn't know how to reach random.box.com exactly it responds over your default GW
->random.box.com gets an ack back from 111.111.111.111 and doesn't know what to do with it as its trying to open communications with 222.222.222.222.
-- packet is dropped and connection isn't made.
 
Old 03-26-2004, 10:28 PM   #4
bozeman
LQ Newbie
 
Registered: Mar 2004
Location: Orange County, CA
Posts: 3

Original Poster
Rep: Reputation: 0
vi0lat0r:
Thanks for the links. One of the links has this tidbit of info (which I thought would solve my problem).
"This takes care of incoming connections, the traffic should go to the
right NIC and be sent back through the right NIC. To balance outgoing
connections you can try this instead of defining a default route:
route add -net 0.0.0.0 netmask 0.0.0.1 dev eth0
route add -net 0.0.0.1 netmask 0.0.0.1 dev eth1"

Route complains that the netmask of 0.0.0.1 is 'bogus'

-----------------------------------------------------------------------

tr4nsfix:
Thanks for the info. What you said makes sense. I've tried defining two default gateways, but it looks like only one of them is the 'real' default (fifo?). Anyway, do you know how I can solve this problem? ipchains, iptables, etc?
 
Old 03-26-2004, 10:46 PM   #5
tr4nsfix
Member
 
Registered: Mar 2004
Location: Toronto, Ontario
Distribution: Debian
Posts: 36

Rep: Reputation: 15
Sadly, while I've seen a lot of people attempt to do this, I've never seen a resolution to the problem. The only thing that comes close is called Bonded Ethernet, but thats not quite what you're looking for either...

I'll keep an eye out though and let you know if I find anything. Please do make a post here if you some up with something that works also.
 
Old 04-13-2004, 02:04 AM   #6
captainp
LQ Newbie
 
Registered: Apr 2004
Location: Montreal
Distribution: SuSE, RedHat, SoL
Posts: 8

Rep: Reputation: 0
I am not sure what that message in that first link where......

route add -net 0.0.0.0 netmask 0.0.0.1 dev eth0
route add -net 0.0.0.1 netmask 0.0.0.1 dev eth1"

comes from is trying to describe. it may be something specific in a certain situation, or i didn't read it closely enough, so i won't say that it is wrong. But, when you write route add -net 0.0.0.0 netmask 0.0.0.1 i think that it should be route add -net 0.0.0.0 netmask 0.0.0.0 dev eth0

the network 0.0.0.0 0.0.0.0 is a reserved network, similar to the way the private addresses are reserved in that they are used to represent all networks which are not specifically expressed in the routing table, and in a sense is used to specify a default gateway. if you were to issue the command route -n it will show you the routing table of your computer and you will see that the destination 0.0.0.0 points to your default gateway address. using the route commands you can manually alter your routing table.

the question now becomes if the computer is always being accessed from the same network or if its being accessed from computers on the internet and you would not know their addresses?

because if you network is devided into the 3 segments described, network with router interface 1.1.1.1, segment with the computer on network 192.168.0.0 and 10.10.0.0 and segment with router interface ip 2.2.2.2 what you could do is specify static routes to the 1.1.1.0 ? and 2.2.2.0 ? networks.

so you would say for example
route add -net 1.1.1.0 netmask 255.255.255.0 eth0
route add -net 2.2.2.0 netmask 255.255.255.0 eth1
route add -net 0.0.0.0 netmask 0.0.0.0 eth0
route add -net 0.0.0.0 netmask 0.0.0.0 eth1

now you have 2 default routes and have associated one network to one default route and the other network to the other default route. now you can add the 2 default GW' and hopefully it will work....

or you can just try
route add -net 0.0.0.0 netmask 0.0.0.0 eth0
route add -net 0.0.0.0 netmask 0.0.0.0 eth1

play around with these configurations. the answer i think lies in routing table entries. maybe you can also play with nat somehow.

the error to the command in the info from the "link"would be from having put in 0.0.0.1 instead of 0.0.0.0 and that alone might work. i have not tested these configs myself yet, but for this to work and have the two default 0.0.0.0 routes in place the computer would need to send out the response out the interface it recieved the request from. again i am thinking that if that is how the computer behaves it will work. and again i am just offering ideas, i haven't gone to try it out yet. also you can maybe pull out your trusty ethereal protocol anylyzer, and really see what your computer is doing, what traffic is acctually on your netowrk and how the computer is interacting with the routers.

hope something here works for you.



Quote:
Originally posted by bozeman
vi0lat0r:
Thanks for the links. One of the links has this tidbit of info (which I thought would solve my problem).
"This takes care of incoming connections, the traffic should go to the
right NIC and be sent back through the right NIC. To balance outgoing
connections you can try this instead of defining a default route:
route add -net 0.0.0.0 netmask 0.0.0.1 dev eth0
route add -net 0.0.0.1 netmask 0.0.0.1 dev eth1"

Route complains that the netmask of 0.0.0.1 is 'bogus'

-----------------------------------------------------------------------

tr4nsfix:
Thanks for the info. What you said makes sense. I've tried defining two default gateways, but it looks like only one of them is the 'real' default (fifo?). Anyway, do you know how I can solve this problem? ipchains, iptables, etc?

Last edited by captainp; 04-13-2004 at 02:12 AM.
 
Old 04-13-2004, 02:09 AM   #7
bozeman
LQ Newbie
 
Registered: Mar 2004
Location: Orange County, CA
Posts: 3

Original Poster
Rep: Reputation: 0
captainp... Thanks for the info. I will give it a try...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
2 routers, no internet, one computer in the middle blader8901 Linux - Networking 2 03-08-2005 08:04 PM
Intel D845GLLY + Multiple Intel Pro 100 NICs + kernel 2.6.x = NICs don't work egable Linux - Hardware 0 02-04-2005 02:30 PM
how to define a specific range of IPs and/or multiple IPs in an iptables rule?... TheHellsMaster Linux - Security 9 09-20-2004 10:06 AM
Multiple IPs on two NIcs dexteroo Linux - Networking 2 09-09-2003 06:55 AM
how to assign 2 IPs to a computer dragon Linux - Networking 6 11-05-2002 08:07 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:34 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration