Static routing for multihomed server

Hello people,

I’ve run into a problem with my openSUSE 11 server. There are two NICs configured as eth0 + eth1 pointing to different networks. eth0 was configured at installation time and works flawlessly. Now I am adding eth1 and… there is a problem: eth0 continues to work as intended (Apache is serving requests and so on), but any request coming to eth1’s IP comes out as a reply from eth0. That is, when I ping eth1’s IP from some external network it replies BUT ifconfig shows the same amount of TX packets. So I can successfully request a page connecting to eth1, but data will come back to me from eth0. I understand I miss some important part in my network but I just don’t know where to dig then. Someone route me to the right routing please? :)

route -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
8x.xx.72.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
8x.xx.73.0      0.0.0.0         255.255.255.0   U     0      0        0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         8x.xx.72.1      0.0.0.0         UG    0      0        0 eth0

ifconfig

eth0      Link encap:Ethernet  HWaddr 00:E0:xx:xx:xx:FE
          inet addr:8x.xx.72.143  Bcast:8x.xxx.72.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:146534385 errors:0 dropped:0 overruns:0 frame:0
          TX packets:190560944 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:18014483427 (17179.9 Mb)  TX bytes:218244779285 (208134.4 Mb)
          Interrupt:24

eth1      Link encap:Ethernet  HWaddr 00:E0:xx:xx:xx:FF
          inet addr:8x.xx.73.60  Bcast:8x.xx.73.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10425966 errors:0 dropped:0 overruns:0 frame:0
          TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1225366140 (1168.6 Mb)  TX bytes:3668 (3.5 Kb)
          Interrupt:25

You’ll have to add extra routes so that the hosts on the other network are reached via eth1. This is only for hosts that can only be reached via eth1. If a host can be reached via either interface, then the default route will be used.

Both interfaces are fully functional, thus anything alive can be reached via either of the two. What I am asking for is to make the server’s answer to a request to eth1 come out via the same, eth1, interface. Like when I ask for something at eth0, the reply comes back to me (external) from the same IP. This is not what happens with eth1 now.

Anyone with a practical solution please? I’ve only found this - Routing for multiple uplinks/providers - but for some reason after I ran the script (of course modified to my setup) my network stops responding in seconds with the following error filling the log -

Nov 21 19:24:20 pr1 kernel: printk: 501 messages suppressed.
Nov 21 19:24:20 pr1 kernel: Neighbour table overflow.

Why should it matter then? If both interfaces are reachable from all hosts, then they are equally good, no? If you want to double the bandwidth, then bond the interfaces.

It’s not a matter of a particular interface mattering for IP packets. Where IP is concerned, it’s the routing that matters.

Wasn’t “routing” the part of the question?

I want to set up another piece of software to listen at eth1 AND answer on the same interface. Now I have ALL outgoing traffic from eth0, leaving eth1 output bandwidth unused.

Ok, first realise that even though TCP talks about connections, because at the base, IP is a packet switching system, routing can be asymmetrical. This is a fundamental difference between virtual circuits and packet switching, which was one of the points of the debate between these two technologies some 40 years ago, and we know that packet switching won.

Just because a packet came in on a particular interface doesn’t mean that the reply will go back through the same interface. The routing is controlled by the global policy rules, and if the default route specifies a particular interface, then it will go out that way.

There is no “memory” of where the packet came in on attached to the packet, unless you use iptables rules to mark the packet in the Linux networking stack (which is not a feature required of standard IP stacks). Even if you do so, standard applications like Apache do not, to my knowledge, look at the mark and mark the reply packets so that they will use policy routing to go out a particular interface.

If you want to explore these policy routing issues further, then do a search for the acronym LARTC. Maybe you will find some advanced hack that will do what you want. I’d be interested if you do. You probably have read the load-balancing part of that tute already.

Did you actually read what I was posting? “do a search for the acronym LARTC” after I post a link to their manuals sounds weird…

Nonetheless if the answer is anywhere at all, it will be there.
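
The source-based policy routing that the thread points to (LARTC, "Routing for multiple uplinks/providers"), as an added example that is not part of any post above. The function name `policy_route_cmds`, the table number, and every address are constructed for illustration; the eth1 gateway in particular is an assumption, since the thread never states it. The script only prints the `ip` commands, so nothing changes until the output is reviewed and piped to `sh` as root.

```shell
#!/bin/sh
# Added example: make replies sourced from eth1's address leave via eth1.
# Constructed documentation addresses stand in for the masked ones in the thread.
IF1=eth1
IP1=198.51.100.60        # eth1 address (constructed)
NET1=198.51.100.0/24     # eth1 subnet (constructed)
GW1=198.51.100.1         # eth1 gateway (assumption, not given in the thread)
TABLE=101                # any routing table number not already in use

# Hypothetical helper: prints the commands instead of running them.
policy_route_cmds() {
    ifc=$1 ip=$2 net=$3 gw=$4 tbl=$5
    if [ -z "$ifc" ] || [ -z "$ip" ] || [ -z "$net" ] || [ -z "$tbl" ]; then
        echo "usage: policy_route_cmds IFACE IP NET GATEWAY TABLE" >&2
        return 2
    fi
    # A default route with no "via" treats every remote host as on-link, so
    # the kernel ARPs for each one and the neighbour table can fill up.
    if [ -z "$gw" ] || [ "$gw" = "$ip" ]; then
        echo "need the gateway of $net, different from $ip" >&2
        return 1
    fi
    # Per-interface table: the connected subnet, then a default via its gateway.
    echo "ip route add $net dev $ifc src $ip table $tbl"
    echo "ip route add default via $gw dev $ifc table $tbl"
    # Rule: packets whose source is this interface's address use that table.
    echo "ip rule add from $ip table $tbl priority 1000"
    echo "ip route flush cache"
}

policy_route_cmds "$IF1" "$IP1" "$NET1" "$GW1" "$TABLE"
# After applying, check the decision the kernel makes for a reply:
#   ip route get 203.0.113.5 from 198.51.100.60
```

The main table and its default route via eth0 stay untouched, so traffic sourced from eth0's address, or from an unbound socket, keeps leaving as before.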