Stuart Jansen wrote: > I would like to setup a server with two NICs plugged into two seperate > networks that use the same addresses. The server should be able to > respond to ICMP, DNS, NFS, HTTP & FTP. At first this would seem > ridiculous and impossible, but a little experimenting suggests it > _might_ be possible.
This is very possible. The only thing that presents a problem is routing. In fact this is entirely a routing issue. Basically you want to make sure replies from a particular interface are sent back out the interface, right? I have a similar situation where I have a server that sits on both a private and public network. The problem is that if I want to talk to, say www.byu.edu, there are now two routes to it, but the default route always favored one interface, which I chose to be the private 10. one. So if you were on some BYU host, say 128.187.d.e, and you tried to ping the server's private address of 10.x.y.z, inbound packets would go in the 10. interface, but out 128.187. interface, leading to 100% loss. So here's the solution I did, which may provide _part_ of your answer, except that in my case, my interfaces had different ip addresses. I think the rules could still be adapted, since they are based on device/address tuples. ip route add 128.187.a.0/24 dev eth0 src 128.187.a.b table PUBLIC ip route add default via 128.187.a.1 table PUBLIC ip route add 10.x.y.0/25 dev eth1 src 10.x.y.z table PRIVATE ip route add default via 10.x.y.1 table PRIVATE ip rule add from 128.187.a.b table PUBLIC ip rule add from 10.x.y.z table PRIVATE ip route flush cache This will ensure that replies to packets coming in an interface go out that interface, regardless of the default route. Note that my use of "PUBLIC" and "PRIVATE" is entirely arbitrary. On my RHEL machine, these are defined in /etc/iproute2/rt_tables. Here's what mine looks like: # # reserved values # 255 local 254 main 253 default 0 unspec # # local # 4 PUBLIC 6 PRIVATE /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
