Packet "Mixing" Between Multiple NICs on Host

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Shalom!

In, perhaps, a misguided desire for elegance, I moved our DNS server from an aged and infirm host onto our existing file/mail server (Dell PowerEdge/2450 w/dual PIII/866 CPUs and 2GB RAM, running Fedora Core 1 w/all updates). Since the DNS server sat on a different subnet, I added a second NIC to the file/mail server and created the appropriate files in /etc/sysconfig/network-scripts (ifcfg-eth1 and route-eth{0,1}).

"route -n" shows:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
128.139.197.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
128.139.206.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         128.139.197.16  0.0.0.0         UG    0      0        0 eth1
0.0.0.0         128.139.206.1   0.0.0.0         UG    1      0        0 eth0

The problem is that although packets received from the two subnets arrive through the corresponding device, *packets sent to a host on a subnet other than 128.139.197.0 exit through eth1.*

Running "ping 128.139.206.12" from a host on the 128.139.206.0 subnet shows that packets exit via eth1, rather than via eth0:

root@efes network-scripts# tcpdump -i eth1 host horen.tau.ac.il
tcpdump: listening on eth1
11:54:38.192269 efes.iucc.ac.il > horen.tau.ac.il: icmp: echo reply
11:54:39.202538 efes.iucc.ac.il > horen.tau.ac.il: icmp: echo reply
11:54:40.212855 efes.iucc.ac.il > horen.tau.ac.il: icmp: echo reply

I understand that this is because the metric for eth1 is "0", while the metric for eth1 is "1". If I understand correctly, changing the metric for eth0 to "0" would mean that every packet would be sent to *both* interfaces, giving me a 50% packet loss.

Is there a way to configure routing on this server so that a packet's source-address is "honored" by the system when responding?

worst-case, I'll cobble together a separate DNS server from an unused PIII/500...

TIA!


--
JONATHAN B. HOREN                            UNIX SYSTEMS ADMINISTRATOR
E: horen@xxxxxxxxxxxxxxx            Inter-University Computation Center
T: +972-(0)3-640-5203                               Tel-Aviv University
F: +972-(0)3-640-9118                           Ramat-Aviv 69978 Israel


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux