Re: [rhelv5-list] problem with multiple interfaces not a router

Thu, 24 Jul 2008 08:49:10 -0700 

On Thursday 24 July 2008 14:57:00 [EMAIL PROTECTED] wrote:
> We are using a patched RHEL 5 2.6.18-92.1.6.el5 64 bit.
> The scenario
> Eth0: 120.207.7.245 netmask 255.255.255.0 gw 120.207.10.1
> Eth2: 120.207.17.22 netmaks 255.255.255.0 gw 120.207.17.1
>  Even though we set this in ifcfg-eth0, and ifcfg-eth2 we always get the
> following: netstat -rn
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags   MSS Window  irtt
> Iface 120.207.7.0    0.0.0.0         255.255.255.0   U         0 0         
> 0 eth0 120.207.17.0 0.0.0.0        255.255.255.0    U        0 0          0
>  eth2 169.254.0.0     0.0.0.0         255.255.0.0     U         0 0        
>  0 eth2 0.0.0.0         130.207.17.1    0.0.0.0         UG        0 0      
>    0 eth2 [EMAIL PROTECTED] rev]# route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface 120.207.7.0    *               255.255.255.0   U     0      0       
> 0 eth2 120.207.17.0    *               255.255.255.0   U     0      0      
>  0 eth2 169.254.0.0     *               255.255.0.0     U     0      0     
>   0 eth2 default         cc-cisco1-anim. 0.0.0.0         UG    0      0    
>    0 eth2
>
>
>
> What we want is a packet coming in on eth2 to go out on eth2, and the same
> for eth0.  No matter what we tried the packets would come in on eth0 and
> try to go out on eth2. We even tried suggestions on this site:
> http://www.itsyourip.com/Security/how-to-disable-icmp-redirects-in-linux-fo
>r-security-redhatdebianubuntususe-tested/
>
> what we expect to see is this:
> netstat -rn
> default              130.207.1.233        UG        1    1802047
> 120.207.1.232        130.207.1.236        U         1       3820 eth0
> 130.207.3.0          130.207.3.252        U         1       5828  eth2
>
> As we have working on our Sun OS system.  All we had to do there was turn
> of routing and ip forwarding.  We checked this on our system and it is set
> to 0 but from taking a tcpdump from different systems on the same subnets
> we could see the system was still trying to do ipforwarding. I would
> welcome suggestions.  Is this a bug or is there a document somewhere we
> missed on doing this? Thank you
> Daniel

What IP Address are you testing _from_ ?

Traffic to/from addresses on the eth0 subnet should only use eth0.
Traffic to/from addresses on the eth2 subnet should only use eth2.
Traffic to/from any other address outside the two local subnets will use eth2 
since that is where your default route is.

Mark.


-- 
Mark Watts BSc RHCE MBCS
Senior Systems Engineer
QinetiQ Applied Technologies
GPG Key: http://www.linux-corner.info/mwatts.gpg

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list

Reply via email to