Thursday, December 13, 2012

Multiple interface on same network are using same NIC for communication


Multiple interfaces on the same subnet

In the Linux implementation of the IP stack a IP address belongs to the host event though the administrator configures it on a devices. This can cause somewhat unexpected behaviour when multiple interfaces are configured to use the same network.

The network

 {network A}
            \       +--------------+
             -(eth0)| Linux server |
                    +--------------+
                     (eth2)  (eth3)
                       |       | 
                      {Network B}
When multiple interfaces are configured for the same network you must use policy routing to make the internal IP stack route the packages out on the designated interface. This is done by using the "ip route" command.

Prerequisites

The following options must be enabled in the kernel.
CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_ROUTE_MULTIPATH=y
CONFIG_IP_ROUTE_VERBOSE=y
CONFIG_NETLINK_DEV=y
You also need the iproute suite, also known as iproute2. In Debian (and Debian derivatives) this is the iproute package.

Example configuration for two interfaces on the same IP subnet


In Debian (and Debian derivatives) the easiest way to add the additional routes on start-up is to use the up option in /etc/network/interfaces.
auto eth2
iface eth2 inet static
   address 192.168.1.20
   network 1192.168.1.0
   netmask 255.255.255.0
   broadcast 192.168.1.255
   up ip route add 192.168.1.0/24 dev eth2 proto kernel scope link src 192.168.61.20 table 20
   up ip route add default via 192.168.1.1 dev eth2 table 20
   up ip rule add from 192.168.1.20 lookup 20
 
auto eth3
iface eth3 inet static
   address 192.168.1.21
   network 192.168.1.0
   netmask 255.255.255.0
   broadcast 192.168.1.255
   up ip route add 192.168.1.0/24 dev eth3 proto kernel scope link src 192.168.61.21 table 30
   up ip route add default via 192.168.1.1 dev eth3 table 30
   up ip rule add from 192.168.1.21 lookup 30
Note:The table id is just a positive integer in the range 0-255 that identifies a unique table. When setting up multiple interfaces on the same subnet this id needs to be unique for each interface. In the example the interface number times 10 is used. Table id 0 and 253-255 are reserved for internal use and may not be used for this configuration.
For more information about advanced Linux routing please see read the Linux Advanced Routing & Traffic Control HOWTO.
Book tip: "Linux Network Internals"


another example:

Multiple interface on same subnet same machine can work fine. 
we need to use advance routing concepts with arp_filter option, make table for each interface and configure default routes and lookups. following three magic lines solved my problem.

Code:
ip route add 10.209.192.0/22 dev eth1 proto kernel scope link src 10.209.193.131 table tlb_1
ip route add default via 10.209.192.1 dev eth1 table tlb_1
ip rule add from 10.209.193.131 lookup tlb_1
ip route flush cache