eth0 answering for eth1 ??

Running RHEL ES 4 update 3

eth0: connected to switch at 1Gbps
eth1: connected to VLAN enabled ports on switch at 1Gbps
eth2: cable unplugged (but will be connected to a hub in our DMZ)


# ifconfig
eth0 Link encap:Ethernet HWaddr 00:14:38:4F:5D:88
inet addr:172.24.1.67 Bcast:172.24.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:904108 errors:0 dropped:0 overruns:0 frame:0
TX packets:732304 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:961719372 (917.1 MiB) TX bytes:467382678 (445.7
MiB)
Interrupt:201 Memory:f7ef0000-f7f00000

eth1 Link encap:Ethernet HWaddr 00:14:38:4F:5D:87
inet addr:172.24.3.67 Bcast:172.24.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1691 errors:0 dropped:0 overruns:0 frame:0
TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:202986 (198.2 KiB) TX bytes:3214 (3.1 KiB)
Interrupt:209 Memory:f7ee0000-f7ef0000

eth2 Link encap:Ethernet HWaddr 00:50:BF:B6:01:AD
inet addr:172.25.1.67 Bcast:172.25.1.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:217 Base address:0x2000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:882 errors:0 dropped:0 overruns:0 frame:0
TX packets:882 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:238150 (232.5 KiB) TX bytes:238150 (232.5 KiB)


>From another machine on that same switch:

When I set eth2 to an ip address of 172.24.1.68 and even though eth2
doesn't even have a network cable attached, I can ping all 3
addresses!!

>From my workstation I can ping the 172.24.3.x but if I ifdown eth0 or
unplug the cable to eth0 I lose my ability to ping the eth1 interface.
This just doesn't make a whole lot of sense unless RHEL by default is
doing some sort of ip masq or something of the sort. Any ideas on what
I should be looking for?

On the server with above ifconfig:

# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
172.24.1.0 * 255.255.255.0 U 0 0 0
eth0
172.24.3.0 * 255.255.255.0 U 0 0 0
eth1
172.25.1.0 * 255.255.255.0 U 0 0 0
eth2
default 172.24.1.254 0.0.0.0 UG 0 0 0
eth0

hobbzilla <(E-Mail Removed)> wrote:
> Running RHEL ES 4 update 3

> eth0: connected to switch at 1Gbps
> eth1: connected to VLAN enabled ports on switch at 1Gbps
> eth2: cable unplugged (but will be connected to a hub in our DMZ)


> # ifconfig
> eth0 Link encap:Ethernet HWaddr 00:14:38:4F:5D:88
> inet addr:172.24.1.67 Bcast:172.24.1.255 Mask:255.255.255.0
> ...
> eth1 Link encap:Ethernet HWaddr 00:14:38:4F:5D:87
> inet addr:172.24.3.67 Bcast:172.24.3.255 Mask:255.255.255.0
> ...
> eth2 Link encap:Ethernet HWaddr 00:50:BF:B6:01:AD
> inet addr:172.25.1.67 Bcast:172.25.1.255 Mask:255.255.255.0



> From another machine on that same switch:

> When I set eth2 to an ip address of 172.24.1.68 and even though eth2
> doesn't even have a network cable attached, I can ping all 3
> addresses!!

Linux, like many other stacks (at least by default) considers the IP
addresses you think you are assigning to an interface to be a property
of the host as a whole. So, it will accept traffic destined to any of
its local IPs, on any of its interfaces.

Having replies make it back to the sender will depend on the
connectivity of the mesh to which the interfaces are connected.

> From my workstation I can ping the 172.24.3.x but if I ifdown eth0
> or unplug the cable to eth0 I lose my ability to ping the eth1
> interface. This just doesn't make a whole lot of sense unless RHEL
> by default is doing some sort of ip masq or something of the
> sort. Any ideas on what I should be looking for?

From what source IP are you sending those pings? Is it from the
172.24.3.X subnet?

There is another feature of Linux networking - if you have multiple
interfaces connected to the same broadcast domain, (eg set of
switches) then IIRC not only will the system accept IP traffic for any
of its IP's on any of its interfaces, any of its interfaces will take
part in ARP for any of its IPs. This can lead to "interesting"
behaviour when multiple interfcaces, even those in separate IP
(sub)nets are connected to the same broadcast domain. So, on the
system(s) from which you are pinging, you might check the ARP caches
and see if the MAC for a given IP actually matches the MAC of one of
the other interfaces in the system.

There is a sysctl called "arp_ignore" or perhaps "ignore_arp" that can
be set to have an interface reply to ARPs only for IP's assigned to
that specific interface.

rick jones
--
The glass is neither half-empty nor half-full. The glass has a leak.
The real question is "Can it be patched?"
these opinions are mine, all mine; HP might not want them anyway...
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...