RE: 2 NIC's on same network, possible?

["David Gillett" <gillettdavid () fhda edu>]

  Your Perl script should work fine *IF* you've given both
NICs the same MAC address -- in which case, having both 
interfaces up at once is a very bad idea.

  (In fact, this is more or less how real fail-over
systems like HSRP work.  Two gateway routers talk to each 
other privately, and when one stops talking, the other
assumes responsibility for the gateway IP and MAC addresses
that clients have been told about via DHCP (or static config)
and ARP, respectively.)

David Gillett


> -----Original Message-----
> From: White-Tiger [mailto:white-tiger () rocketmail com]
> Sent: August 1, 2003 07:21
> To: IT () smc ac nz
> Cc: security-basics () securityfocus com
> Subject: RE: 2 NIC's on same network, possible?
>
>
> I have to nic on the same switch right now... running
> openbsd3.2-stable.
>
> For the first couple of hours/days I got tons of messages
> saying that the arp data was being updated by the first NIC
> and then a while later it was back to the second NIC..
>
> If you want fail-over,  the second NIC in your picture has
> a second IP.  if the first IP fails... how will they know
> to goto the second.
>
> Make a small program, Perl or something, that checks that
> network is up.  and when its no longer up, ifconfig eth0
> down and ifconfig eth1 up and have them with same IP.
>
> Not sure if this will work.
>
> I needed mine for some testing,  I had netstart start the
> main NIC, and rc.local started second NIC using ifconfig
> eth1 -arp
>
> to disable that NIC from using or hearing arp traffic.
>
> the messages about arp data is no longer coming up.
>
> However, if anything (like the other test system, in my
> case it was a router) I had to add a static arp entry on
> the router so it could talk to the second NICs IP.  if you
> don't you won't be able to ping or anything.
>
> Hope this help,
>
> WT
> --- Max Harvey <IT () smc ac nz> wrote:
> > > From: Vineet Mehta [mailto:vineet () linux com kw]
> > > My collegue has a Linux machine which has 2 NIC's on
> > it. What 
> > > he did was assign the IP's 192.168.0.6/24 and
> > 192.168.0.7/24 
> > > to the NIC's. And he was trying to ping the network but
> > was 
> > > getting errors (i dont know the errors).
> > >
> > >                -----------------
> > >               | Switch         |
> > >               |_________________|
> > >                 |             |
> > >                 |             |
> > >                 |             |
> > >           -------------------------------
> > >           |  NIC1            NIC2     |
> > >           |192.168.0.6/24 192.168.0.7/24|
> > >           |        Machine            |
> > >           |-----------------------------|
> >
> >
> >
> > > From: Burton M. Strauss III [mailto:BStrauss () acm org] 
> > > Now it gets weird if somebody is trying to reach YOU on
> > the 
> > > 2nd NIC.  Why? Because the routing decision is address
> > based, 
> > > not NIC based.
> > >
> > > So a packet TO the address of the 2nd NIC (192.168.0.7)
> > is 
> > > received on the 2nd NIC.  The reply, addressed say to 
> > > 192.168.0.5 again, is sent VIA the 1st NIC (1st match
> > in the 
> > > routing rules wins!).  Unless the sender also has this
> > kind 
> > > of funky routing table.
> > >
> > > THIS is what leads to the 'rule' that you can't have
> > two NICs 
> > > with the same network portions, because if they're
> > really NOT 
> > > connected identically, you'll lose traffic, and if
> > you're not 
> > > really, really careful with routine rules (wait for it)
> > (yes) 
> > > you'll lose traffic.
> >
> >
> > Does this mean, that if both eth0 and eth1 are connected
> > directly to the
> > same switch as in the original post I believe, therefore
> > having the same
> > connection to the network, that it would work?
> >
> > I am wondering as I had a network cable die on one of my
> > servers
> > yesterday, so I am considering sticking a backup Ethernet
> > card in the
> > server, and having it connected into the exactly same
> > switch that the
> > current card/cable connects to. I am just trying to
> > confirm that I have
> > read this right, and that since they are connected to the
> > same
> > connection, that it will work.
> >
> > Hopefully this means that if I lose a cable/card, it will
> > determine that
> > the route isn't working, and move onto the next match?
> >
> >
> > Max.
> --------------------------------------------------------------
> -------------
> >
> --------------------------------------------------------------
> --------------
> >
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site design software
> http://sitebuilder.yahoo.com
>
> --------------------------------------------------------------
> -------------
> --------------------------------------------------------------
> --------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------