Re: two interfaces one subnet

["Kevin Oberman" <oberman () es net>]

> From: Chris Meidinger <cmeidinger () sendmail com>
> Date: Mon, 11 May 2009 23:38:30 +0200
>
> On 11.05.2009, at 23:31, Dan White wrote:
>
> > Chris Meidinger wrote:
> > > Hi,
> > >
> > > This is a pretty moronic question, but I've been searching RFC's on- 
> > > and-off for a couple of weeks and can't find an answer. So I'm  
> > > hoping someone here will know it offhand.
> > > I've been looking through RFC's trying to find a clear statement  
> > > that having two interfaces in the same subnet does not work, but  
> > > can't find it that statement anywhere.
> > > The OS in this case is Linux. I know it can be done with clever  
> > > routing and prioritization and such, but this has to do with  
> > > vanilla config, just setting up two interfaces in one network.
> > > I would be grateful for a pointer to such an RFC statement,  
> > > assuming it exists.
> >
> > If your goal is to achieve redundancy or to increase bandwidth, you  
> > can bond the interfaces together - assuming that you have a switch /  
> > switch stack that supports 802.3ad.
> >
> > Then you could assign multiple IPs to the bonded interface without  
> > any layer 3 messyness.
>
> I should have been clearer. The case in point is having two physical  
> interfaces, each with a unique IP, in the same subnet.
>
> For example, eth0 is 10.0.0.1/24 and eth1 is 10.0.0.2/24, nothing like  
> bonding going on. The customers usually have the idea of running one  
> interface for administration and another for production (which is a  
> _good_ idea) but they want to do it in the same subnet (not such a  
> good idea...)

This will not work right. One interface can be 10.0.0.1/24, but any
added interfaces would need to be /32 (10.0.0.2/32).

What your customer wants can probably be done, but it is a really bad
idea. Put them in different subnets. If you need to, break off a /30
from the /24. (That is a bit messy as you meed to break the /24 into a
/25, a /26, a /27..., but it should work fine. Since the main interface
has to talk to ALL of the subnets, you will need to use one address from
each and that is pretty wasteful, but it should work.) Just really UGLY!

If only a part of the address space need be used, it gets easier and
less ugly. If a /25 will work, it's pretty much normal configuration on
both interfaces.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman () es net                       Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751