0

I have a RHEL Server 'foo' with two interfaces:

  • eth0: inet addr:172.16.15.75 Bcast:172.16.15.95 Mask:255.255.255.224
  • eth1: inet addr:172.16.15.242 Bcast:172.16.15.247 Mask:255.255.255.248

    root@foo # netstat -nr
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
    172.16.15.240   0.0.0.0         255.255.255.248 U         0 0          0 eth1
    172.16.15.64    0.0.0.0         255.255.255.224 U         0 0          0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
    0.0.0.0         172.16.15.94    0.0.0.0         UG        0 0          0 eth0
    

The gw for eth0 is 172.16.15.94 and the gw for eth1 is 172.16.15.246

The problem is that from another server, 'bar', I am unable to ping/ssh into server foo's eth1 (172.16.15.242).

Server bar has two interfaces as well:

  • eth0: inet addr:172.16.15.69 Bcast:172.16.15.95 Mask:255.255.255.224
  • eth1: inet addr:172.16.15.128 Bcast:172.16.15.143 Mask:255.255.255.240

    root@bar # netstat -nr
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
    172.16.15.128   0.0.0.0         255.255.255.240 U         0 0          0 eth1
    172.16.15.64    0.0.0.0         255.255.255.224 U         0 0          0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
    0.0.0.0         172.16.15.94    0.0.0.0         UG        0 0          0 eth0
    
    
    root@bar # ping 172.16.15.75
    PING 172.16.15.75 (172.16.15.75) 56(84) bytes of data.
    64 bytes from 172.16.15.75: icmp_seq=1 ttl=64 time=1.30 ms
    64 bytes from 172.16.15.75: icmp_seq=2 ttl=64 time=0.087 ms
    ^C
    --- 172.16.15.75 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1991ms
    rtt min/avg/max/mdev = 0.087/0.696/1.306/0.610 ms
    
    root@bar # ping 172.16.15.242
    PING 172.16.15.242 (172.16.15.242) 56(84) bytes of data.
    

I was reading about Multi Homed Hosts, but it doesn't look like what I need here, since both interfaces have the same IP range, just different masks and different gateways.

Any ideas on how to approach this problem?

jdmuntz
  • Uncomment `#ListenAddress 0.0.0.0` in `/etc/ssh/sshd_config` and ssh will work on both interfaces – Bert Jan 07 '16 at 20:42

3 Answers

1

Connections via the eth0 interfaces work because the two machines can reach each other since both addresses are within the /27 subnet defined by the netmask (172.16.15.64 - 172.16.15.95).

The range of IP addresses that bar can reach directly via eth1 is 172.16.15.128 - 172.16.15.143. That doesn’t include foo's eth0 address (and neither does eth0's range). Therefore bar will use the default route via eth0. I don't know what your router will do with this.

That's my expectation based on checking the subnets - I'd be inclined to verify this behaviour by using tcpdump on the source machine to see which interface is being used.

Paul Haldane

1

The problem that I see is that, on the second server, eth1 isn't in the same subnet as any interface of the first server.

In the routing table of the second server, all of its traffic is going out through gateway 172.16.15.94, and it can't reach an interface that isn't in the same subnet.

Look at this:

First server - eth1

 - IP:172.16.15.242
 - Mask:255.255.255.248
 - Gateway: 172.16.15.246

This configuration puts the eth1 interface in a /29 CIDR subnet, which has the following IP range:

 - Minimum IP for Hosts: 172.16.15.241
 - Maximum IP for Hosts: 172.16.15.246
 - Broadcast: 172.16.15.247

To reach this interface from another computer, you need to have one interface in the same subnet, or have the proper static routing rules in the routers to reach it.

You can try different solutions, depending on the rest of your infrastructure:

  1. If you have the whole network interconnected, you can assign a second virtual IP in the same subnet to one of your interfaces on the second server (for example IP 172.16.15.243 and the same gateway 172.16.15.246).
  2. The other option is adding a static route on the gateways if they are visible to each other.

You can get more info about CIDR and subnetting here. And this tool may be helpful for calculating the available hosts in any subnet.

0

The problem is that server bar's eth1 is assigned the same address as the subnetwork address for that subnet (172.16.15.128/28). Traffic directed towards the subnet address will be turned into a broadcast for the subnet. Routers block traffic going to the subnet address to stop broadcast storms. Bar should be re-IP'd to .129. Then, foo will be able to reach its new address if routers have routes for both servers.

Bob
  • 1
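
The subnet arithmetic the answers above rely on can be checked mechanically. This is an added example, not part of any answer: it replays the route lookup for both pings, the /29 host range, and the network-address check, using only the addresses and routes shown in the question. It assumes a packet's source IP is the address of the interface the route selects, and it also computes which interface foo would send the reply from, which goes one step beyond what the answers walk through.

```python
import ipaddress

# Interface addresses and default routes copied from the netstat output in the
# question. The 169.254.0.0/16 link-local routes are omitted (irrelevant here).
HOSTS = {
    "foo": {"ifaces": {"eth0": "172.16.15.75/27", "eth1": "172.16.15.242/29"},
            "default": ("eth0", "172.16.15.94")},
    "bar": {"ifaces": {"eth0": "172.16.15.69/27", "eth1": "172.16.15.128/28"},
            "default": ("eth0", "172.16.15.94")},
}

def route(host, dst):
    """Longest-prefix match over connected subnets; else the default route.
    Returns (iface, gateway, source_ip); gateway is None when dst is on-link.
    Assumption: the source IP is the address of the egress interface."""
    dst = ipaddress.ip_address(dst)
    ifaces = {n: ipaddress.ip_interface(c) for n, c in HOSTS[host]["ifaces"].items()}
    onlink = [(i.network.prefixlen, n) for n, i in ifaces.items() if dst in i.network]
    if onlink:
        name = max(onlink)[1]
        return name, None, str(ifaces[name].ip)
    name, gw = HOSTS[host]["default"]
    return name, gw, str(ifaces[name].ip)

def host_range(cidr):
    """First usable host, last usable host and broadcast of the subnet."""
    net = ipaddress.ip_interface(cidr).network
    hosts = list(net.hosts())
    return str(hosts[0]), str(hosts[-1]), str(net.broadcast_address)

def is_network_address(cidr):
    """True when the configured address equals the subnet's network address."""
    iface = ipaddress.ip_interface(cidr)
    return iface.ip == iface.network.network_address

def ping_paths(src_host, dst_host, dst_if):
    """Egress of the request on src_host and of the reply on dst_host."""
    dst_ip = str(ipaddress.ip_interface(HOSTS[dst_host]["ifaces"][dst_if]).ip)
    req = route(src_host, dst_ip)
    rep = route(dst_host, req[2])  # the reply goes to the request's source IP
    return {"request": req, "reply": rep, "reply_uses_target_iface": rep[0] == dst_if}

if __name__ == "__main__":
    print(ping_paths("bar", "foo", "eth0"))
    print(ping_paths("bar", "foo", "eth1"))
    print(host_range(HOSTS["foo"]["ifaces"]["eth1"]))
    for h, cfg in HOSTS.items():
        for n, c in cfg["ifaces"].items():
            print(h, n, c, "network address" if is_network_address(c) else "ok")
```

Running `tcpdump` on each interface, as suggested in the first answer, is the way to confirm that the live hosts behave as this table lookup predicts.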