Re: routing + 2 NICs on the same network
On 2005-03-22 Chavdar Videff wrote:
> We have the following problem with the routing.
> We have the following structure:
> Internet >>>> Real Ip address on Cisco Router >>>> Internal ip
> address on Cisco Router (10.50.40.31) >>>>> LAN
> In the LAN space we deploy a Debian Linux gateway and firewall to be
> in between Cisco Router and LAN. We noticed the following problem:
> On Debian gateway:
> eth0 - 10.50.40.28
> eth1 - 10.50.40.29
> 10.50.40.29 is the gateway IP address for all hosts on the LAN.
> However if deployed with above settings - there is no routing
> possible. If we assign the 10.50.40.29 IP address to eth0:1 everything
> works as expected.
> If eth1 is another network (10.50.41.29 , again for hosts in that
> network everything is OK).
> My question is: Why isn't it possible to have 2 NICs on same network
> and have routing achieved?
Sample hosts: 10.50.40.10 10.50.40.8
Routing table:
10.50.40.0   *            255.255.255.0  U   0  0  0  eth0
10.50.40.0   *            255.255.255.0  U   0  1  0  eth1
default      10.50.40.31  0.0.0.0        UG  0  0  0  eth0
Imagine host 10.50.41.12 sending a packet to host 10.50.41.13. How would
the router know he needs to send the packet over eth1? Or imagine host
10.50.40.8 sending a packet to host 10.50.40.13? How would the router
know he does *not* need to send the packet over eth0? Lowest metric in
the routing table matches.
You need to do bridging if you want to connect two segments of the same
I suggest you read up on TCP/IP and routing. O'Reilly has a really good
book on that stuff (Craig Hunt: "TCP/IP Network Administration").
Why do you have a Linux router between Cisco router and LAN anyway? Or a
Cisco router in front of your Linux router?
"All vulnerabilities deserve a public fear period prior to patches
--Jason Coombs on Bugtraq
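
The route selection described in the reply above, as an added example that is not part of the original post: a simplified model of the lookup (longest prefix first, then lowest metric, then table order) run over the routing table from the thread. The metric values and the helper names `route`, `lookup` and `shadowed` are assumptions made for illustration.

```python
import ipaddress

def route(net, iface, metric=0, gw=None):
    """Build one routing-table entry (hypothetical helper)."""
    return {"net": ipaddress.ip_network(net), "iface": iface,
            "metric": metric, "gw": gw}

def lookup(table, dst):
    """Pick the outgoing interface: longest prefix, then lowest metric,
    then first entry in the table. Returns None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in r["net"]]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r["net"].prefixlen, r["metric"]))["iface"]

def shadowed(table):
    """Interfaces whose route can never win because another entry covers
    the identical prefix with a better (metric, position)."""
    out = []
    for i, r in enumerate(table):
        if any(o["net"] == r["net"] and (o["metric"], j) < (r["metric"], i)
               for j, o in enumerate(table)):
            out.append(r["iface"])
    return out

# Both NICs in 10.50.40.0/24, as in the post (metric values are assumed).
SAME_SUBNET = [
    route("10.50.40.0/24", "eth0", metric=0),
    route("10.50.40.0/24", "eth1", metric=1),
    route("0.0.0.0/0", "eth0", gw="10.50.40.31"),
]

# eth1 moved to 10.50.41.0/24, the setup the post reports as working.
SEPARATE_SUBNETS = [
    route("10.50.40.0/24", "eth0"),
    route("10.50.41.0/24", "eth1"),
    route("0.0.0.0/0", "eth0", gw="10.50.40.31"),
]

if __name__ == "__main__":
    for name, table in (("same subnet", SAME_SUBNET),
                        ("separate subnets", SEPARATE_SUBNETS)):
        print(name)
        for dst in ("10.50.40.8", "10.50.40.10", "10.50.41.12"):
            print(f"  {dst:<12} -> {lookup(table, dst)}")
        print(f"  never selected: {shadowed(table) or 'none'}")
```

With both NICs in the same /24, every LAN destination resolves to eth0 and the eth1 route is never chosen, so the box has no basis for forwarding between the two segments.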