ĭefine the routes for these two tables: # ip route add default via 10.0.0.1 table eth0 I basically just followed directions from, although that page was written with a different goal in mind (dealing with two ISPs).Īssume that the subnet is 10.0.0.0/24, the gateway is 10.0.0.1, the IP address for eth0 is 10.0.0.100, and the IP address for eth1 is 10.0.0.101.ĭefine two new routing tables named eth0 and eth1 in /etc/iproute2/rt_tables. Only for more complex setups like load-īalancing, does this behaviour cause problems.Īrp_filter for the interface will be enabled if at least one ofĬonf//arp_filter is set to TRUE, IP addresses are owned by the complete host on Linux, not by Sense, because it increases the chance of successful communication.
Of which cards (usually 1) will respond to an arp request.Ġ - (default) The kernel can respond to arp requests with addressesįrom other interfaces. The ARP'd IP out that interface (therefore you must use sourceīased routing for this to work). Subnet, and have the ARPs for each interface be answeredīased on whether or not the kernel would route a packet from # echo ".arp_filter = 1" > /etc/nfįrom the file networking/ip-sysctl.txt in the Linux kernel docs: arp_filter - BOOLEANġ - Allows you to have multiple network interfaces on the same Step 1: Enable ARP filtering on all interfaces: # sysctl -w .arp_filter=1 It seems to work, but it also seems to be a lot of work for something that seems like it should be simple. A few keystrokes later I had two network interfaces up and running and both pulled IP addresses from DHCP.īut then the problem came in: the network admins could see (on the switch) the ARP entry for both interfaces, but only the first network interface that I brought up would respond to pings or any sort of TCP or UDP traffic.Īfter lots of digging and poking, here's what I came up with. Thankfully this Linux system is a virtual machine, so I was able to easily add a second network interface (without rebooting, I might add - pretty cool). Having two network interfaces seemed like the next logical step. There may have been a way around these issues on the switch configuration, but in an attempt to preserve good relations with the network admins I tried to find another way.
IP aliasing required that MAC address X was assigned two IP addresses, so this didn't work. Unfortunately this had the side effect of also saying that MAC address X is ONLY allowed to have IP address Y. With the DHCP snooping disabled on the switchport, they had to put in a rule on the switch that said MAC address X is allowed to have IP address Y.This feature can be disabled per switchport if you ask and you have a reason for it (thankfully I have a good relationship with the network guys and this isn't hard to do). Static addressing is accomplished by using static DHCP entries, so the same MAC address always gets the same IP assignment. They use DHCP snooping and normally don't allow static IP addresses.
using eth0:0, eth0:1, etc, but our network admins have some fairly strict settings in place for security that squashed this idea: My first approach was to use IP aliasing, e.g. I recently ran into a situation where I needed two IP addresses on the same subnet assigned to one Linux host so that we could run two SSL/TLS sites.