Tux

...making Linux just a little more fun!

Weird networking question

Deividson Okopnik [deivid.okop at gmail.com]


Fri, 19 Mar 2010 11:00:53 -0300

Hello TAG!

I have an unusual networking problem to solve here, and I'm needing some help.

Basically I got a machine with 2 network interfaces, eth0 and eth1, and both are connected in the same hub.

But eth0 has the ip 192.168.0.97, and doesnt need a proxy to access the internet. Eth1's ip is 192.168.0.200, and that IP needs a proxy to access the internet (and several sites are blocked, etc).

Alls configured, but it seems that everything's trying to use the eth1 to access the internet, and I need it to be accessed using eth0. Everything should use eth0, I just need eth1 to be used for apache and mysql...

Any clue on how to configure that?

Thanks

Deividson


Top    Back


René Pfeiffer [lynx at luchs.at]


Fri, 19 Mar 2010 15:08:57 +0100

On Mar 19, 2010 at 1100 -0300, Deividson Okopnik appeared and said:

> [...]
> Basically I got a machine with 2 network interfaces, eth0 and eth1,
> and both are connected in the same hub.
> 
> But eth0 has the ip 192.168.0.97, and doesnt need a proxy to access
> the internet.
> Eth1's ip is 192.168.0.200, and that IP needs a proxy to access the
> internet (and several sites are blocked, etc).

What is your network? Is it 192.168.0.0/24 (I assume)? Why do both network interfaces use IP addresses from the same network?

> Alls configured, but it seems that everythings trying to use the eth1
> to access the internet, and i need it to be accessed using eth0.
> Everything should use eth0, i just need eth1 to be used for apache and mysql...

What OS do you use? If Debian/Ubuntu, which declaration has the gateway option in /etc/network/interfaces?

You could try using something like this:

ip route del default
ip route add default via 192.168.0.x dev eth0

Best, René.


Top    Back


Dimitrios Siganos [dimitris at siganos.org]


Fri, 19 Mar 2010 14:23:19 +0000

René Pfeiffer wrote:

> On Mar 19, 2010 at 1100 -0300, Deividson Okopnik appeared and said:
>   
>> [...]
>> Basically I got a machine with 2 network interfaces, eth0 and eth1,
>> and both are connected in the same hub.
>>
>> But eth0 has the ip 192.168.0.97, and doesnt need a proxy to access
>> the internet.
>> Eth1's ip is 192.168.0.200, and that IP needs a proxy to access the
>> internet (and several sites are blocked, etc).
>>     
>
> What is your network? Is it 192.168.0.0/24 (I assume)?
> Why do both network interfaces use IP addresses from the same network?
>
>   
>> Alls configured, but it seems that everythings trying to use the eth1
>> to access the internet, and i need it to be accessed using eth0.
>> Everything should use eth0, i just need eth1 to be used for apache and mysql...
>>     
>
> What OS do you use? If Debian/Ubuntu, which declaration has the gateway
> option in /etc/network/interfaces?
>
> You could try using something like this:
> ip route del default
> ip route add default via 192.168.0.x dev eth0

If you haven't done so already, you probably want to switch on "arp_filter" as well. Otherwise both interfaces will respond to ARP requests, causing chaos.

Dimitris Siganos


Top    Back


Deividson Okopnik [deivid.okop at gmail.com]


Fri, 19 Mar 2010 11:25:06 -0300

2010/3/19 René Pfeiffer <lynx@luchs.at>:

> On Mar 19, 2010 at 1100 -0300, Deividson Okopnik appeared and said:
>
> What is your network? Is it 192.168.0.0/24 (I assume)?
> Why do both network interfaces use IP addresses from the same network?
>

192.168.0.0/24 yes, and both use IPs from the same network cause the machine was 192.168.0.200, but that blocks access to several pages, and i need a free pass to the internet, and ip 192.168.0.97 does that.

But several other computers use 192.168.0.200 to access apache/mysql from that machine, and I didnt want to change that,.

>
> What OS do you use? If Debian/Ubuntu, which declaration has the gateway
> option in /etc/network/interfaces?
>

Ubuntu 9.10, both interfaces got the proper gateway configured (192.168.0.100), but not directly on the file, U9.10 uses that network manager...

>
> You could try using something like this:
> ip route del default
> ip route add default via 192.168.0.x dev eth0
>

Did that, still doesnt work (after a network restart) - it seems to work as i want when i disable eth1 (but of course then apache and mysql = unresponsible)

Thanks a ton :)

Wow, youre fast.

Deividson


Top    Back


Deividson Okopnik [deivid.okop at gmail.com]


Fri, 19 Mar 2010 11:31:07 -0300

And it is working :)

Thanks for the help guys - I swapped the IPs of both interfaces and it's working like a charm now.

And in case anyone's got any idea on how could I solve that problem in a better way, feel free to drop me a line.

Thanks again Deividson


Top    Back


Dimitrios Siganos [dimitris at siganos.org]


Fri, 19 Mar 2010 14:48:26 +0000

Deividson Okopnik wrote:

> And it is working :)
>
> Thanks for the help guys - I swapped the IPs of both interfaces and
> its working like a charm now.
>
> And incase anyones got any ideia on how could i solve that problem in
> a better way, fell free to drop me a line.

I imagine you have two default routes and it picks the first one it finds. What do you see if you type:

ip route
in a terminal?

The better solution is to:

* right click on nm icon on taskbar
* click edit connection
* select the one that shouldn't go out on the internet
* goto to the "IPV4 settings" tab
* click on "Routes"
* and finally, click on "Use this connection only for resources on its network"

that will stop nm from adding a default route through that interface.

Dimitrios Siganos


Top    Back


Ben Okopnik [ben at okopnik.com]


Fri, 19 Mar 2010 11:34:11 -0400

On Fri, Mar 19, 2010 at 02:48:26PM +0000, Dimitrios Siganos wrote:

> 
> The better solution is to:
> * right click on nm icon on taskbar
> * click edit connection
> * select the one that shouldn't go out on the internet
> * goto to the "IPV4 settings" tab
> * click on "Routes"
> * and finally, click on "Use this connection only for resources on
> its network"
> 
> that will stop nm from adding a default route through that interface.

Nice tip, Dimitrios! I've just tweaked my own 'nm' settings this way, which should help get rid of at least one minor annoyance. Thanks!

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * https://LinuxGazette.NET *


Top    Back


Deividson Okopnik [deivid.okop at gmail.com]


Fri, 19 Mar 2010 13:30:05 -0300

2010/3/19 Ben Okopnik <ben@okopnik.com>:

> On Fri, Mar 19, 2010 at 02:48:26PM +0000, Dimitrios Siganos wrote:
>>
>> The better solution is to:
>> * right click on nm icon on taskbar
>> * click edit connection
>> * select the one that shouldn't go out on the internet
>> * goto to the "IPV4 settings" tab
>> * click on "Routes"
>> * and finally, click on "Use this connection only for resources on
>> its network"
>>
>> that will stop nm from adding a default route through that interface.
>
> Nice tip, Dimitrios! I've just tweaked my own 'nm' settings this way,
> which should help get rid of at least one minor annoyance. Thanks!
>

Very weird - even like this it seems that the pc is still trying to use the wrong route, cause internet is extra slow (3-minutes-to-open-twitter slow), and as soon as i disable eth1 it gets normal again


Top    Back


Jim Jackson [jj at franjam.org.uk]


Fri, 19 Mar 2010 20:24:47 +0000 (GMT)

On Fri, 19 Mar 2010, Deividson Okopnik wrote:

> 2010/3/19 Ben Okopnik <ben@okopnik.com>:
>>> * right click on nm icon on taskbar
>>> * click edit connection
>>> * select the one that shouldn't go out on the internet
>>> * goto to the "IPV4 settings" tab
>>> * click on "Routes"
>>> * and finally, click on "Use this connection only for resources on
>>> its network"
>>>
>>> that will stop nm from adding a default route through that interface.
>>
>> Nice tip, Dimitrios! I've just tweaked my own 'nm' settings this way,
>> which should help get rid of at least one minor annoyance. Thanks!
>>
>
> Very weird - even like this it seems that the pc is still trying to
> use the wrong route, cause internet is extra slow
> (3-minutes-to-open-twitter slow), and as soon as i disable eth1 it
> gets normal again

There's a discussion here...

https://mailman.nanog.org/pipermail/nanog/2009-May/010434.html

on having 2 interfaces on one subnet. "Usually" this is not encouraged - depending on your platform you may not be able to arrange this at all. But Linux of course can do anything :-) It just might not be easy, and you are likely to get bit in the bum as you've discovered. Use 2 sessions of wireshark or tcpdump to sniff both interfaces, just to check which interface packets are goin gout of, and with what local addresses?

Another possible starting point for experiments would be to use one interface with 2 addresses.

   ifconfig eth0 192.168.0.50 up
   ifconfig eth0:1 192.168.0.60 up

This may get round arp problems. Remember you will have to force an application to use the non-default IP address as it's source address.

good luck

Jim


Top    Back


René Pfeiffer [lynx at luchs.at]


Fri, 19 Mar 2010 22:09:51 +0100

On Mar 19, 2010 at 2024 +0000, Jim Jackson appeared and said:

> [...]
> Another possible starting point for experiments would be to use one
> interface with 2 addresses.
> 
>   ifconfig eth0 192.168.0.50 up
>   ifconfig eth0:1 192.168.0.60 up

You can do the same on the fly without using different network device names:

ip link set dev eth0 up
ip address add 192.168.0.50/24 dev eth0
ip address add 192.168.0.60/24 dev eth0

ip is easier to use and you can always delete addresses without hassle:

ip address del 192.168.0.60/24 dev eth0

This is quite useful for testing.

Best, René.


Top    Back


jose [jmanel at gmail.com]


Tue, 23 Mar 2010 11:10:14 +0100

Since i am not using any dinamic feature as DHCP i uninstalled nm and configured manually the network(in the file) and problems related went away.

Just an answer for a particular case

Josep


Top    Back


René Pfeiffer [lynx at luchs.at]


Fri, 19 Mar 2010 15:33:52 +0100

On Mar 19, 2010 at 1125 -0300, Deividson Okopnik appeared and said:

> 2010/3/19 René Pfeiffer <lynx@luchs.at>:
> > [...]
> > You could try using something like this:
> > ip route del default
> > ip route add default via 192.168.0.x dev eth0
> >
> 
> Did that, still doesnt work (after a network restart) - it seems to
> work as i want when i disable eth1 (but of course then apache and
> mysql = unresponsible)

Mind the ARP settings. The Linux kernel answers to ARP requests on both interfaces (as was pointed out by a previous posting). The behaviour is called "ARP flux".

https://lwn.net/Articles/45373/ https://robertlathanh.com/2009/08/two-subnetworks-on-one-lan-and-linux-arp_filter/

The last link explains the arp_filter settings a bit more.

> Thanks a ton :)
> Wow, youre fast.

Recharging my caffeine levels after 5 days of being away from the office coffee machine. ;)

Best, René.


Top    Back