1

I have a machine with Solaris 8, and it has multiple interfaces that are connected to the same network which means they all have metric 0 (1 hop) to the default gateway.

assume:

  • e1000g0: 192.168.30.70
  • e1000g2: 192.168.30.72
  • e1000g4: 192.168.30.74
  • e1000g5: 192.168.30.76
  • gateway: 192.168.30.65 (Cisco Router)

However, it seems like despite the fact that they have a direct connection, they seem to be using e1000g0 to access the 192.168.30.0 network to get to the default gateway and then to anywhere else.

When I send a ping to say, 192.168.30.74 (IP of e1000g4) and capture packets on e1000g0, I see the "echo reply" messages going out of it as opposed to e1000g4 even though e1000g4 is the one receiving the "echo request". This should not happen and these should be completely independent as they should all be advertising a 1 hop to that network

The outputs from netstat -rn and ifconfig -a are shown in the picture on the link below

http://img836.imageshack.us/img836/7308/ifconfignetstathiddenip.jpg

I need to somehow assign all these interfaces equal priority and make them understand that they're physically connected to the 192.168.30.0 network and there's no need to go through e1000g0 to get to it.

This is causing a lot of problems as eventually all traffic will end up going through the e1000g0 interface and that will become a bottle neck.

Please help Thanks in advance

AEG
  • 11
  • 2

1 Answers1

2

There are a few things that you need to look at.

Local MAC addresses

The default for older SPARC machines was to have an eeprom setting: local-mac-address? false. With this setting, when Solaris comes up, it overrides the local network ports and gives each interface the same MAC. This is probably causing your MAC address confusion on the Cisco router and directly limiting the inbound bandwidth. See InfoDoc 16733 for more details. The default for newer servers is local-mac-address? true.

Caveat: If you're running Sun Cluster, older versions require local-mac-address? false and newer versions require local-mac-address? true.

IPMP/LACP

If you're going to have multiple interfaces on the same network, I highly recommend using a technology like IPMP or LACP to handle failover and out-bound load spreading. With Solaris 8 you're probably stuck with IPMP, which is a shame because it is a pain to configure. LACP is much nicer but requires Solaris 10 and a bit of configuration on the Cisco.

Solaris 10

There's really no excuse to be using Solaris 8 these days. It's in vintage support and will reach its end of support life next year. Solaris 10 has a much better network stack, better performance, and a whole set of great features (zones, ZFS, DTrace, resource controls, SMF, IPFilter, ...).

Tom Shaw
  • 3,752
  • 16
  • 23
  • This is an appliance we're stuck with where a lot of the stuff is locked down. It's an i386pc machine and had already checked local-mac-address setting but it doesn't exist in this. Also, thought about IPMP but I doubt the proprietary software on it will recognize the Virtual interface configured on it as it itself uses VIPs to handle traffic. Unfortunately upgrade isn't an option (not that we didn't try) + software specific to solaris 8. Like I said, this used to work perfectly fine, all of a sudden it's doing this. Note that all MACs are seen in the router upon startup or restart of network – AEG Jun 07 '11 at 07:04
  • Sorry if my message above sounds curt, limited number of chars for comments :( – AEG Jun 07 '11 at 07:05
  • @AEG: No worries. If you run the command `eeprom` as root, does it list a `local-mac-address?` entry? It may also be useful if you update your question with the actual output of `ifconfig -a` (of course you can obfuscate the IP addresses if you like). – Tom Shaw Jun 07 '11 at 08:13
  • Thanks Tom. I have updated with the output from netstat -rn and ifconfig -a. I didn't know how to keep the format of the output and it wouldn't let me upload a pic till I had 10 reps. Anyway, it's at the link above. Also, I do not have local-mac-address? variable in the "eeprom" of this machine :( – AEG Jun 07 '11 at 09:07
  • @AEG: The trick with formatting is to start with a blank line and prefix each line with four spaces. Anyway, it looks like the MAC addresses are fine, and if you're limited by proprietary software I don't think I can help. – Tom Shaw Jun 07 '11 at 09:14
  • _sigh_ I was hoping this to be resolved more from the OS level/networking perspective since I'm getting this behaviour when the software is NOT configured or running. It creates a bunch of firewall rules and virtual interfaces but I removed all of them to bring it to a relatively clean machine to resolve this so at least the pings etc. from each interface directly connected to the 192.168.30.0 network go directly from the respective interfaces as opposed to through e1000g0 getting all the traffic. – AEG Jun 07 '11 at 09:27