1

I deployed a VMware vCloud appliance and before deployment I'm asked to enter the IP addresses this appliance should use and the default gateway. This appliance has 2 IP addresses and nics by default and they should be in the same subnet.

So the info I entered was: 10.248.2.10/24 for eth0 10.248.2.20/24 for eth1 Default gateway is 10.248.2.254

Now I run into a strange issue. When I ping both IP addresses from a computer in the same subnet, all is fine. When I ping from a computer in a different subnet, I only get a reply from the 10.248.2.20 address (eth1). When I login to the appliance I can ping the computer in the same subnet as well as the computer in the different subnet.

The network guys have assured me there is no firewall blocking this traffic.

Not sure where it is going wrong. I was thinking maybe the routing table is incorrect? Shouldn't there be only one "default" destination? But then again, I would expect traffic coming in on eth0 or eth1, to also leave over the same interface it arrived, or is that not a correct assumption?

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.248.2.254    0.0.0.0         UG    0      0        0 eth1
default         10.248.2.254    0.0.0.0         UG    0      0        0 eth0
10.248.2.0      *               255.255.255.0   U     0      0        0 eth1
10.248.2.0      *               255.255.255.0   U     0      0        0 eth0

Any clues where to look for?

Gabrie
  • 123
  • 6
  • Each interface is going to have a full IP configuration, the individual interfaces don't recognize that another interface exists. So far as the interface is concerned, there is no other interface. – Davidw Jun 12 '20 at 06:44
  • So, this config looks good? – Gabrie Jun 12 '20 at 06:49
  • For IP addresses 10.248.2.10 and 10.248.2.20 with /24 the default gateway should be 10.248.2.1. 10.248.2.254 makes no sense for 10.248.2.0/24. – Overmind Jun 12 '20 at 07:20
  • 1
    @Overmind That comment doesn't make sense. The gateway can be whatever IP in the subnet you want it to be. – Frederik Jun 12 '20 at 07:46
  • Yes it can but you will have unforeseen consequences specially in VM environment. Why do it if not really needed ? – Overmind Jun 12 '20 at 07:54
  • 1
    @Overmind I have maintained *many* subnets over the years, also many where the gateway was on another IP than .1 and they all worked just fine so what you are saying is absolutely untrue :) – Frederik Jun 12 '20 at 08:13
  • Well I don't like unnecessary work so I'll pass on not letting things be easy. – Overmind Jun 12 '20 at 08:33
  • Why are you using two nics in the same network? – Davidw Jun 12 '20 at 18:09
  • Last night I found out I misread the guide. Moving the second nic to a different network now :-) – Gabrie Jun 13 '20 at 07:34

1 Answers1

0

In the same sub-net both IPs will be reachable with no routing necessary.

From a different sub-net, you will need working routing for things to work. In your case, the default routing goes through eth1.

If you want to simply make routing prioritize eth0 instead, you can use routing tables to accomplish that or simply give a lower metric to the desired interface. In both cases, you will have routing toward the desired interface.

You can also add rules to determine which table is used for what::

  • create two routing tables, one for each NIC
  • add routes for each interface to the appropriate tables
  • add rules to determine which table is used

This should keep traffic from crossing NICs internally, allowing you to preserve redundancy or use each NIC for different functionality.

Overmind
  • 3,076
  • 2
  • 16
  • 25