0

What is the best technical solution to solve this?

I have a /24-segment with two NIC's in one Linux Server (lets call it srv) that have two IP-addresses in this segment.

  • NIC1 / eth0 / 10.10.1.101 / MAC1
  • NIC2 / eth1 / 10.10.1.102 / MAC2

The segment 10.10.1.0 /24 links up through a switch that allows access trough it based on MAC/IP combination, the IP is set by DHCP by this switch (based on individual MAC).

So far, this seems to work - somehow. I know, this setup is technically not o.k. and a look into /var/log/messages shows the expected collisions (Martian source packages) on eth1 each 500ms:

...
srv kernel: [ 1217.220559] martian source 10.10.1.254 from 10.10.1.112, on dev eth1
srv kernel: [ 1217.220563] ll header: ff:ff:ff:ff:ff:ff:00:1e:68:9d:54:05:08:06
srv kernel: [ 1218.313186] martian source 10.10.1.255 from 10.10.1.59, on dev eth1
srv kernel: [ 1218.313190] ll header: ff:ff:ff:ff:ff:ff:00:13:d4:b7:6f:e9:08:00
...

Each NIC serves for its specific duties (connected to different web sites served by one apache2 server in ip-based vhosts-setup).

How to solve this? I know (and I did actually), one may switch off the 'martian packet logging' by the usual sysctrl -p calls:

net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0
net.ipv4.conf.eth1.log_martians = 0
net.ipv4.conf.lo.log_martians = 0

but the problem should be solveable in a clean way? Or isn't?

Regards & Thanks

rbo

rubber boots
  • 145
  • 7

1 Answers1

1

Do you actually need 2 nics?

A way round this could be to add an alias to one of the interfaces to assign the additional IP address:

sudo /sbin/ifconfig eth0:1 10.10.1.102/24 up

James Yale
  • 5,182
  • 1
  • 17
  • 20
  • this would prevent packets from the interface (IP/MAC) from going upstream trought the router. **BUT**, probably it's not even necessary to have uplink on this interface (I'll check this). Thanks! – rubber boots Sep 01 '10 at 10:25