
I'm going to do a test setup where I can't change the IP addresses of the devices under test, but I need a special orchestrator device to access all devices, which can have the same IP addresses but are in different VLANs.

Let's say there are the following devices connected to a layer 3 switch:

Device under Test A, IP 192.168.1.1, VLAN10

Device under Test B, IP 192.168.1.2, VLAN10

Device under Test C, IP 192.168.1.1, VLAN20

Device under Test D, IP 192.168.1.2, VLAN20

Orchestrator Device, IP 192.168.1.3, VLAN10 + VLAN20 (tagged VLAN)

Now in C# I want to make a TCP connection to, let's say, Device A. This should in theory be possible since the devices are separated on the Ethernet level and virtual NICs are created on the orchestrator device, but how can I tell my program which virtual NIC it should use when making a connection?

One option would be to dynamically change the routing table on the orchestrator device (calling an external script or P/Invoke), but this seems more like a workaround.

Another option would be to just dynamically enable / disable the virtual NICs, but I don't know if that's easily possible.

I'm using .NET Core btw.

Tobias von Falkenhayn
  • IP doesn't allow duplicate IP addresses in the same network. I know one company that has different networks and each network has the same IP addresses. But they have to log in remotely to each subnet. So each network has a gateway with a unique address to connect to the company's backbone. You need an application on the gateway to forward IP from the backbone to the devices in the subnets with duplicate IPs. – jdweng Feb 17 '21 at 11:19
  • Well, as far as I understand, in my solution there are in fact different networks, but my orchestrator device is just connected to all of them over different virtual interfaces. So the question is how I can tell the device which virtual interface to use when it's setting up a connection. – Tobias von Falkenhayn Feb 17 '21 at 11:25
  • You can't unless you specify a gateway. In IP routing you can only include the destination IP and not a route. So you need to implement a port forward in the gateway because you have duplicate IP addresses. – jdweng Feb 17 '21 at 12:12
  • But if I change the IP table dynamically, I can e.g. give the interface I want to use a lower metric than the other one, so it should basically always go through the interface with the lowest metric. – Tobias von Falkenhayn Feb 17 '21 at 12:40
  • I was assuming the subnets were not on the local machine. If all the subnets are on the same machine, then setting the mask of the interface to a more precise mask (255.255.255.0 rather than 255.255.0.0) will work. – jdweng Feb 17 '21 at 13:30
  • There are no subnets. There are multiple devices in different VLANs (IPs inside a VLAN are unique) connected to one device via a layer 3 switch, over a tagged port ("trunk" port in Cisco terms). On layer 2, this is like connecting multiple networks to one device with multiple network interfaces. – Tobias von Falkenhayn Feb 17 '21 at 13:36
  • A VLAN is a subnet. I'm not sure, but it sounds like the switch is implementing port forwarding. What port forwarding does is mux (the trunk) IP messages onto a single channel and then demux on the far end. So you would need to make a connection to the switch using the port number. Then mux all your messages onto the main connection. I do not know the algorithm that is used to do the muxing. – jdweng Feb 17 '21 at 13:49
  • No. VLAN and subnet are different things. VLAN works on Ethernet; subnet is a layer 3 concept. – Tobias von Falkenhayn Feb 21 '21 at 09:47
  • I know a lot about networks. Stop with the terminology. Let's get to the root cause of the issue. – jdweng Feb 21 '21 at 11:48

2 Answers


The Problem:

C# chooses the NIC based on the network you are using, and since the subnets of those networks are the same, you will need to use a workaround.

The Solution:

  1. Disable the NIC that you are not using in the Orchestrator Device using the cmd netsh command: netsh interface set interface "Interface-Name" disable

  2. Send it to cmd from C# using the System.Diagnostics.Process.Start("CMD.exe", strCmdLine) call.

This way you can switch between the devices!

ALUFTW
  • OK, this was also a solution I was thinking about; it seems to be the only feasible one. – Tobias von Falkenhayn Feb 25 '21 at 08:11
  • You can also assign multiple IPs to one NIC and do subnetting between the networks. – ALUFTW Feb 25 '21 at 08:54
  • I think this won't solve my solution because those additional NICs are created automatically using the Intel VLAN capabilities. – Tobias von Falkenhayn Feb 25 '21 at 08:59
  • From my old days as a network engineer, I'm pretty sure that on the Intel VLAN driver you can specify a different IP for each NIC it creates for you. Or at least create another virtual NIC, assign it one of the VLANs, and assign the 2nd VLAN to the original NIC. – ALUFTW Feb 25 '21 at 09:01
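The two steps of this answer as a worked example (added here, not the answer's own code). It runs netsh directly with a separate argument list rather than passing a concatenated string to CMD.exe, so an interface name containing characters such as & or | cannot smuggle in extra commands, and it checks the exit code so a failed disable does not silently leave both VLAN NICs up. Assumed: the Intel virtual NICs are named "VLAN10" and "VLAN20" (placeholders), the process runs elevated (netsh interface set interface needs it), and the target port is a placeholder.

```csharp
using System;
using System.Diagnostics;
using System.Net.Sockets;

// Added example: reaches a duplicate 192.168.1.x address by leaving only the
// wanted VLAN virtual NIC enabled on the Windows orchestrator. NIC names and
// the port below are placeholders, not values from the original question.
static class VlanSelector
{
    // Runs "netsh interface set interface <name> enable|disable" with the name
    // as a single argument, so no shell parsing of the name ever happens.
    static void SetInterface(string name, bool enable)
    {
        var psi = new ProcessStartInfo("netsh")
        {
            UseShellExecute = false,
            RedirectStandardOutput = true,
            RedirectStandardError = true,
        };
        foreach (var arg in new[] { "interface", "set", "interface", name, enable ? "enable" : "disable" })
            psi.ArgumentList.Add(arg);
        using var p = Process.Start(psi)!;
        string output = p.StandardOutput.ReadToEnd() + p.StandardError.ReadToEnd();
        p.WaitForExit();
        if (p.ExitCode != 0)   // e.g. not elevated, or the interface name is wrong
            throw new InvalidOperationException($"netsh failed for '{name}': {output}");
    }

    // Disables every other VLAN NIC first, then enables the wanted one, so the
    // OS has exactly one route to the overlapping address when Connect() runs.
    // Note: disabling a NIC drops any connection that is still open on it.
    public static TcpClient ConnectVia(string wantedNic, string[] otherNics, string host, int port)
    {
        foreach (var nic in otherNics) SetInterface(nic, false);
        SetInterface(wantedNic, true);
        var client = new TcpClient();
        client.Connect(host, port);
        return client;
    }

    static void Main()
    {
        // Device A (192.168.1.1) sits in VLAN10, so VLAN20 must be offline first.
        using var a = ConnectVia("VLAN10", new[] { "VLAN20" }, "192.168.1.1", 12345);
        Console.WriteLine($"connected to Device A via VLAN10: {a.Connected}");
    }
}
```

Each toggle is a privileged configuration change that Windows records as an interface state change, so the orchestrator's event log will show one entry per switch; that is useful for correlating test runs, and a reason to keep the toggling code behind a narrow, elevated service rather than in every test process.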

For overlapping IP ranges you can use something like VRF or multiple routing tables.

On your local router you can add each VLAN to another VRF (or routing table), and with policy routing mark certain TCP connections to use a specific VRF or routing table.

You can add NAT to the mix, e.g. a 1:1 NAT for your subnet, and mark your connections based on those.

on8tom