Two NICs, one unplugged, both IPs still work - Networking


  1. Two NICs, one unplugged, both IPs still work

    I'm trying to figure out why this works:

    RHEL4 ES U3. I inherited this box and did not configure it.

    Two physical NICs installed, each with a different IP (same network).
    One of the NICs is unplugged, but still active. However, I can ping
    both IP addresses from another box successfully.

    Shouldn't I not be able to? I checked /network-scripts and there is no
    alias set up, it is truly configured as two separate NICs (eth0, eth1)
    with separate MACs and separate IPs. There are no custom routes
    configured, nothing else unusual AFAIK. There is nothing specified on
    any network devices either.

    So shouldn't the unplugged NIC's IP address be unresponsive? Connecting
    (SSH, Ping) to this IP connects to the other NIC. Is there somewhere
    else where this relationship could be setup that I can check?

    I'll add that on reboot the NICs are sometimes unresponsive and have
    to be manually deactivated and activated again. My plan is to correct /
    network-scripts for a proper dual-IP, single-NIC setup, assuming this
    will resolve that strange issue. Before I do this, though, I'd like to
    know why it's currently acting as it is. Is it possible there is still
    some legacy config somewhere retained from when someone had done a NIC
    swap or something like that? Boot logs show no problems and nothing
    unusual. I've never seen this before.

    Thanks!


  2. Re: Two NICs, one unplugged, both IPs still work

    gt wrote:
    > I'm trying to figure out why this works:
    >
    > RHEL4 ES U3. I inherited this box and did not configure it.
    >
    > Two physical NICs installed, each with a different IP (same network).
    > One of the NICs is unplugged, but still active. However, I can ping
    > both IP addresses from another box successfully.
    >
    > Shouldn't I not be able to?



    If you have ip_forwarding enabled, then the physical interface doesn't
    matter.

    The kernel "pools" the ip addresses and routes between automagically.
    The physical interface doesn't matter.

    Turn off ip_forwarding ( 'echo 0 > /proc/net/????/ip_forwarding' or some
    such) and you won't be able to ping the disconnected if.

  3. Re: Two NICs, one unplugged, both IPs still work

    On May 14, 1:09 pm, CptDondo wrote:
    > gt wrote:
    > > I'm trying to figure out why this works:
    > >
    > > RHEL4 ES U3. I inherited this box and did not configure it.
    > >
    > > Two physical NICs installed, each with a different IP (same network).
    > > One of the NICs is unplugged, but still active. However, I can ping
    > > both IP addresses from another box successfully.
    > >
    > > Shouldn't I not be able to?
    >
    > If you have ip_forwarding enabled, then the physical interface doesn't
    > matter.
    >
    > The kernel "pools" the ip addresses and routes between automagically.
    > The physical interface doesn't matter.
    >
    > Turn off ip_forwarding ( 'echo 0 > /proc/net/????/ip_forwarding' or some
    > such) and you won't be able to ping the disconnected if.


    That's probably what's going on.

    Here's an article that describes IP forwarding
    http://systemnotesorg.blogspot.com/2...ardarding.html

    You should check your /etc/sysconfig/network-scripts/ files.
    ifcfg-eth0
    ifcfg-eth1
    And if you have bonding enabled, ifcfg-bond0
    You can turn off eth1 with the command
    ifdown eth0

    And then make it stay off at boot up:
    in /etc/sysconfig/network-scripts/ifcfg-eth1
    change
    ONBOOT="yes"
    to
    ONBOOT="no"



  4. Re: Two NICs, one unplugged, both IPs still work

    On May 14, 4:09 pm, CptDondo wrote:
    > gt wrote:
    > > I'm trying to figure out why this works:
    > >
    > > RHEL4 ES U3. I inherited this box and did not configure it.
    > >
    > > Two physical NICs installed, each with a different IP (same network).
    > > One of the NICs is unplugged, but still active. However, I can ping
    > > both IP addresses from another box successfully.
    > >
    > > Shouldn't I not be able to?
    >
    > If you have ip_forwarding enabled, then the physical interface doesn't
    > matter.
    >
    > The kernel "pools" the ip addresses and routes between automagically.
    > The physical interface doesn't matter.
    >
    > Turn off ip_forwarding ( 'echo 0 > /proc/net/????/ip_forwarding' or some
    > such) and you won't be able to ping the disconnected if.


    Good idea, however /proc/sys/net/ip_forward is disabled (0). Could
    this still be enabled elsewhere? Anything else to check? Thanks


  5. Re: Two NICs, one unplugged, both IPs still work


    gt wrote:

    > Two physical NICs installed, each with a different IP (same network).


    This is a very advanced network configuration. You have to know
    exactly what you're doing to make this work.

    This configuration will create all sorts of problems if you don't
    understand the details of what's going on. Your specific issue is
    caused by the following scenario:

    1) Another machine on the network wants to reach the IP of the
    disconnected network card. It sends out an ARP broadcast on the
    network to find out what hardware address to use.

    2) Your machine receives that broadcast, sees that it is for a network
    address it owns, and responds to it.

    3) The other machine then uses the hardware address of that interface.

    Whoever told you to turn off ip forwarding is mistaken. Nothing is
    forwarded. The packet is sent directly to the machine that owns that
    IP address.

    You can fix this one specific issue fairly easily, Linux has a switch
    that causes it to send ARP replies only on the interface that an IP
    address is configured on. But that fixes only this one specific issue
    and doesn't fix the main problem, which is that you are sort of
    bridging and sort of not bridging.

    DS


  6. Re: Two NICs, one unplugged, both IPs still work

    David Schwartz wrote:

    > Whoever told you to turn off ip forwarding is mistaken. Nothing is
    > forwarded. The packet is sent directly to the machine that owns that
    > IP address.


    DUH! You're right, of course...

    It's been a while since I've done this without a heap of iptables rules
    and routing tables.

    --Yan

  7. Re: Two NICs, one unplugged, both IPs still work

    On May 14, 5:24 pm, David Schwartz wrote:
    > gt wrote:
    > > Two physical NICs installed, each with a different IP (same network).
    >
    > This is a very advanced network configuration. You have to know
    > exactly what you're doing to make this work.
    >
    > This configuration will create all sorts of problems if you don't
    > understand the details of what's going on. Your specific issue is
    > caused by the following scenario:
    >
    > 1) Another machine on the network wants to reach the IP of the
    > disconnected network card. It sends out an ARP broadcast on the
    > network to find out what hardware address to use.
    >
    > 2) Your machine receives that broadcast, sees that it is for a network
    > address it owns, and responds to it.
    >
    > 3) The other machine then uses the hardware address of that interface.
    >
    > Whoever told you to turn off ip forwarding is mistaken. Nothing is
    > forwarded. The packet is sent directly to the machine that owns that
    > IP address.
    >
    > You can fix this one specific issue fairly easily, Linux has a switch
    > that causes it to send ARP replies only on the interface that an IP
    > address is configured on. But that fixes only this one specific issue
    > and doesn't fix the main problem, which is that you are sort of
    > bridging and sort of not bridging.
    >
    > DS


    thanks, that certainly makes sense.

    as i wrote, this is an inherited machine and i'm going to be adjusting
    the /network-scripts to a proper setup (eth0, eth0:0), just wanted
    some insight into the current setup. been a few linux boxes i've
    inherited with funky network configs.

    btw, what's the switch to do what you're saying, for my own knowledge?

    thanks again!


  8. Re: Two NICs, one unplugged, both IPs still work

    Hello,

    systemnotes@gmail.com wrote:
    >>
    >>>Two physical NICs installed, each with a different IP (same network).
    >>>One of the NICs is unplugged, but still active. However, I can ping
    >>>both IP addresses from another box successfully.
    >>
    >>>Shouldn't I not be able to?

    No. I mean, yes, you should be able to.

    Rationale:
    On a Linux system, an IP address configured on an active interface
    belongs to the whole host, not to that particular interface, and is
    usable on all local interfaces.

    >>If you have ip_forwarding enabled, then the physical interface doesn't
    >>matter.

    IP forwarding has nothing to do with this.

    >>Turn off ip_forwarding ( 'echo 0 > /proc/net/????/ip_forwarding' or some
    >>such) and you won't be able to ping the disconnected if.
    >
    > That's probably what's going on.

    No, it's not.

  9. Re: Two NICs, one unplugged, both IPs still work

    Pascal Hambourg wrote:
    > systemnotes@gmail.com wrote:
    > >>>Two physical NICs installed, each with a different IP (same
    > >>>network). One of the NICs is unplugged, but still
    > >>>active. However, I can ping both IP addresses from another box
    > >>>successfully.
    > >>
    > >>>Shouldn't I not be able to?
    >
    > No. I mean, yes, you should be able to.
    >
    > Rationale:
    > On a Linux system, an IP address configured on an active interface
    > belongs to the whole host, not to that particular interface, and is
    > usable on all local interfaces.


    I believe that in IETF speak, this is a variation on the "weak end
    system model" where the "strong end system model" is when an IP
    address is associated exclusively with a specific interface and
    traffic destined to an IP will only be accepted via the interface to
    which that IP has been assigned. Very few systems, if any, default to
    a strong end system model.

    If the two NICs are connected to the same switch, it could even be the
    case that only one MAC is associated with the two IP's on the "other"
    systems since the "weakness" of the end system model extends to ARP as
    well - responses for IP-MAC translations for any of the IPs will go
    out either of the interfaces unless something like arp_ignore or
    arp_filter are set (I can never remember which does which
    differently).

    --
    a wide gulf separates "what if" from "if only"
    these opinions are mine, all mine; HP might not want them anyway...
    feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...
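
Added example, not part of any post in this thread: a shell audit of the arp_ignore and arp_filter settings mentioned above, showing which interfaces will answer ARP for an address configured on a different interface. CONF_ROOT and the function names are this example's own assumptions; the value meanings follow the kernel's ip-sysctl documentation.

```shell
#!/bin/sh
# Added example: report which interfaces answer ARP for addresses
# configured on other interfaces (the "weak end system" behaviour).
# CONF_ROOT defaults to the live sysctl tree; point it at a copy to test.
CONF_ROOT="${CONF_ROOT:-/proc/sys/net/ipv4/conf}"

# Read one knob; a missing file is treated as 0, the kernel default.
read_knob() {  # $1 = conf subdirectory (all, eth0, ...), $2 = knob
    if [ -r "$CONF_ROOT/$1/$2" ]; then
        cat "$CONF_ROOT/$1/$2"
    else
        echo 0
    fi
}

# For arp_ignore the kernel uses max(conf/all, conf/<if>); for the
# boolean arp_filter it ORs the two, which max() also yields.
effective() {  # $1 = interface, $2 = knob
    all=$(read_knob all "$2")
    own=$(read_knob "$1" "$2")
    if [ "$all" -gt "$own" ]; then echo "$all"; else echo "$own"; fi
}

# Map the effective arp_ignore value to what the interface will answer.
arp_reply_scope() {  # $1 = interface
    case "$(effective "$1" arp_ignore)" in
        0)   echo "any-local" ;;          # replies for IPs on any interface
        1|2) echo "own-address-only" ;;   # target IP must be on this interface
        3)   echo "non-host-scope-only" ;;
        8)   echo "never" ;;
        *)   echo "reserved-value" ;;
    esac
}

# One line per real interface; "any-local" rows reproduce this thread.
audit_arp() {
    for dir in "$CONF_ROOT"/*/; do
        [ -d "$dir" ] || continue
        ifname=$(basename "$dir")
        case "$ifname" in all|default|lo) continue ;; esac
        echo "$ifname arp_ignore=$(effective "$ifname" arp_ignore)" \
             "arp_filter=$(effective "$ifname" arp_filter)" \
             "scope=$(arp_reply_scope "$ifname")"
    done
}

audit_arp
```

Setting `net.ipv4.conf.all.arp_ignore` to 1 with sysctl moves every interface into the own-address-only row, because the kernel takes the larger of the `all` and per-interface values.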

  10. Re: Two NICs, one unplugged, both IPs still work

    On May 14, 2:49 pm, gt wrote:

    > btw, what's the switch to do what you're saying, for my own knowledge?


    http://linux-ip.net/html/ether-arp.html
    See section 2.1.4

    It is unfortunate that there's no good way to 'bond' Ethernet links
    together at the Ethernet layer that can be automatically detected by
    typical switches.

    DS


  11. Re: Two NICs, one unplugged, both IPs still work

    David Schwartz wrote:

    > On May 14, 2:49 pm, gt wrote:
    >
    >> btw, what's the switch to do what you're saying, for my own knowledge?
    >
    > http://linux-ip.net/html/ether-arp.html
    > See section 2.1.4
    >
    > It is unfortunate that there's no good way to 'bond' Ethernet links

    Au contraire - there is:

    http://www.cyberciti.biz/howto/quest...iver-howto.php

    > together at the Ethernet layer that can be automatically detected by
    > typical switches.

    Well, not automatically - you have to configure both ends.

    Cheers

    Tim

  12. Re: Two NICs, one unplugged, both IPs still work

    On Tue, 15 May 2007 01:08:06 +0200 Pascal Hambourg wrote:
    | Hello,
    |
    | systemnotes@gmail.com wrote:
    |>>
    |>>>Two physical NICs installed, each with a different IP (same network).
    |>>>One of the NICs is unplugged, but still active. However, I can ping
    |>>>both IP addresses from another box successfully.
    |>>
    |>>>Shouldn't I not be able to?
    |
    | No. I mean, yes, you should be able to.
    |
    | Rationale :
    | On a Linux system, an IP address configured on an active interface
    | belongs to the whole host, not to that particular interface, and is
    | usable on all local interfaces.

    So why do we even need to name an interface if the IP is host-wide?
    Shouldn't configuring an IP address simply be to add it to the host?
    Then we would just bring up interfaces without specific IPs.

    --
    |---------------------------------------/----------------------------------|
    | Phil Howard KA9WGN (ka9wgn.ham.org) / Do not send to the address below |
    | first name lower case at ipal.net / spamtrap-2007-05-15-1228@ipal.net |
    |------------------------------------/-------------------------------------|

  13. Re: Two NICs, one unplugged, both IPs still work

    On Tue, 15 May 2007 01:03:03 +0000 (UTC) Rick Jones wrote:
    | Pascal Hambourg wrote:
    |> systemnotes@gmail.com wrote:
    |> >>>Two physical NICs installed, each with a different IP (same
    |> >>>network). One of the NICs is unplugged, but still
    |> >>>active. However, I can ping both IP addresses from another box
    |> >>>successfully.
    |> >>
    |> >>>Shouldn't I not be able to?
    |
    |> No. I mean, yes, you should be able to.
    |
    |> Rationale :
    |> On a Linux system, an IP address configured on an active interface
    |> belongs to the whole host, not to that particular interface, and is
    |> usable on all local interfaces.
    |
    | I believe that in IETF speak, this is a variation on the "weak end
    | system model" where the "strong end system model" is when an IP
    | address is associated exclusively with a specific interface and
    | traffic destined to an IP will only be accepted via the interface to
    | which that IP has been assigned. Very few systems, if any, default to
    | a strong end system model.

    We should have the choice, at least at the kernel building config time,
    if not later.


    | If the two NICs are connected to the same switch, it could even be the
    | case that only one MAC is associated with the two IP's on the "other"
    | systems since the "weakness" of the end system model extends to ARP as
    | well - responses for IP-MAC translations for any of the IPs will go
    | out either of the interfaces unless something like arp_ignore or
    | arp_filter are set (I can never remember which does which
    | differently).

    Both seem to have related behaviour, either of which may suit different
    people's needs.

    BTW, it fails to load balance the two NICs. It effectively becomes a poor
    form of failover (e.g. in certain cases a failed NIC or cable connected
    to the NIC won't result in traffic to the other interface).

    --
    |---------------------------------------/----------------------------------|
    | Phil Howard KA9WGN (ka9wgn.ham.org) / Do not send to the address below |
    | first name lower case at ipal.net / spamtrap-2007-05-15-1231@ipal.net |
    |------------------------------------/-------------------------------------|

  14. Re: Two NICs, one unplugged, both IPs still work

    On 14 May 2007 13:38:00 -0700 gt wrote:
    | On May 14, 4:09 pm, CptDondo wrote:
    |> gt wrote:
    |> > I'm trying to figure out why this works:
    |>
    |> > RHEL4 ES U3. I inherited this box and did not configure it.
    |>
    |> > Two physical NICs installed, each with a different IP (same network).
    |> > One of the NICs is unplugged, but still active. However, I can ping
    |> > both IP addresses from another box successfully.
    |>
    |> > Shouldn't I not be able to?
    |>
    |> If you have ip_forwarding enabled, then the physical interface doesn't
    |> matter.
    |>
    |> The kernel "pools" the ip addresses and routes between automagically.
    |> The physical interface doesn't matter.
    |>
    |> Turn off ip_forwarding ( 'echo 0 > /proc/net/????/ip_forwarding' or some
    |> such) and you won't be able to ping the disconnected if.
    |
    | Good idea, however /proc/sys/net/ip_forward is disabled (0). Could
    | this still be enabled elsewhere? Anything else to check? Thanks

    ip_forward isn't the issue here ... ARP is.

    --
    |---------------------------------------/----------------------------------|
    | Phil Howard KA9WGN (ka9wgn.ham.org) / Do not send to the address below |
    | first name lower case at ipal.net / spamtrap-2007-05-15-1234@ipal.net |
    |------------------------------------/-------------------------------------|

  15. Re: Two NICs, one unplugged, both IPs still work

    On 14 May 2007 19:02:00 -0700 David Schwartz wrote:

    | On May 14, 2:49 pm, gt wrote:
    |
    |> btw, what's the switch to do what you're saying, for my own knowledge?
    |
    | http://linux-ip.net/html/ether-arp.html
    | See section 2.1.4
    |
    | It is unfortunate that there's no good way to 'bond' Ethernet links
    | together at the Ethernet layer that can be automatically detected by
    | typical switches.

    If an ARP response is intentionally duplicated on all subinterfaces of a
    bonded interface set, that would be information enough for a switch with
    sufficient intelligence to know to treat the ports as bonded and do load
    balancing or at least load spillover.

    --
    |---------------------------------------/----------------------------------|
    | Phil Howard KA9WGN (ka9wgn.ham.org) / Do not send to the address below |
    | first name lower case at ipal.net / spamtrap-2007-05-15-1235@ipal.net |
    |------------------------------------/-------------------------------------|
