IP traffic between two NICs on same box

Hi there!

I have a Linux box with several NICs. What I want is the following setup:

* eth1 - 192.168.100.1
* eth2 - 192.168.100.2
* a physical network connection between both interfaces.


Now I am looking for a way, to enforce IP traffic from 192.168.100.1 to 192.168.100.2 and back to use the network link and not being routed internally.

I have no problem with more esotheric solutions, if all fails, I guess I will code my way through the kernel, but of course I would prefer any less drastic solution.

Thx and regards

Harry

On 29.7.12 12:04 , Harald Radke wrote:
> Hi there!
>
> I have a Linux box with several NICs. What I want is the following setup:
>
> * eth1 - 192.168.100.1
> * eth2 - 192.168.100.2
> * a physical network connection between both interfaces.
>
>
> Now I am looking for a way, to enforce IP traffic from 192.168.100.1 to 192.168.100.2 and back to use the network link and not being routed internally.
>
> I have no problem with more esotheric solutions, if all fails, I guess I will code my way through the kernel, but of course I would prefer any less drastic solution.
>
> Thx and regards
>
> Harry


This should be in a FAQ:

The kernel IP stack is smart enough to route traffic from a host
to *ANY* of its own interfaces via the loopback device lo.

Would you please tell why?

For testing a network with only one piece of hardware available,
a virtual machine setup might help (e.g. VirtualBox or VMWare).

--

Tauno Voipio

Well, I know that the kernel does that, I am looking for a way to bypass that...

Indeed this is gonna be a testing device and preferably I would get around virtualization, I have never worked with that before, I imagine that this will be quite some work, and I wonder about performance issues.

Yup, came here to suggest VMWare!

On Sun, 29 Jul 2012, in the Usenet newsgroup comp.os.linux.networking, in
article <13f5c0f9-f0fc-497c-8770-(E-Mail Removed)>,
(E-Mail Removed) wrote:

NOTE: Posting from groups.google.com (or some web-forums) dramatically
reduces the chance of your post being seen. Find a real news server.

<quoting fixed>

]Tauno Voipio wrote:

]] The kernel IP stack is smart enough to route traffic from a host
]]to *ANY* of its own interfaces via the loopback device lo.

>Well, I know that the kernel does that, I am looking for a way to
>bypass that...

You'll have to re-write the stack - no simple matter.

]] For testing a network with only one piece of hardware available,
]] a virtual machine setup might help (e.g. VirtualBox or VMWare).

It may actually be less of a hassle to just find a second real box.

>Indeed this is gonna be a testing device and preferably I would get
>around virtualization, I have never worked with that before, I
>imagine that this will be quite some work, and I wonder about
>performance issues.

Recently discussed in another group - performance hit is about 20%
in addition to dividing the resources. Really - grab another
system, and save yourself the trouble.

Old guy

On 07/29/2012 08:43 PM, Moe Trin wrote:
> On Sun, 29 Jul 2012, in the Usenet newsgroup comp.os.linux.networking, in
> article<13f5c0f9-f0fc-497c-8770-(E-Mail Removed)>,
> (E-Mail Removed) wrote:
> ]] For testing a network with only one piece of hardware available,
> ]] a virtual machine setup might help (e.g. VirtualBox or VMWare).
>
> It may actually be less of a hassle to just find a second real box.

Or, just stick a NAT router between the two ports and configure its
forwarding so that your box doesn't realize it's talking to itself.

--
Bob Nichols AT comcast.net I am "RNichols42"

Years ago Ben Grear (I think it was Ben Grear) posted some patches to
the netdev list that would allow IP between two local IPs to go out
one NIC and in another, but it was not accepted because the use case
is too rare. I would second/third/whatnot the suggestions to get a
second system.

Now, if you are willing to content yourself with just layer-two
traffic (eg Ethernet) and not IP, you could use AF_PACKET sockets and
send traffic out the one port and in the other. But that won't be IP.

rick jones
--
denial, anger, bargaining, depression, acceptance, rebirth...
where do you want to be today?
these opinions are mine, all mine; HP might not want them anyway...
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...

On 2012-07-29, Harald Radke <(E-Mail Removed)> wrote:
> Hi there!
>
> I have a Linux box with several NICs. What I want is the following setup:
>
> * eth1 - 192.168.100.1
> * eth2 - 192.168.100.2
> * a physical network connection between both interfaces.
>
>
> Now I am looking for a way, to enforce IP traffic from 192.168.100.1 to 192.168.100.2 and back to use the network link and not being routed internally.

Why?

>
> I have no problem with more esotheric solutions, if all fails, I guess I will code my way through the kernel, but of course I would prefer any less drastic solution.
>

Hello,

Moe Trin a écrit :
> (E-Mail Removed) wrote:
>
> ]Tauno Voipio wrote:
>
> ]] The kernel IP stack is smart enough to route traffic from a host
> ]]to *ANY* of its own interfaces via the loopback device lo.
>
>> Well, I know that the kernel does that, I am looking for a way to
>> bypass that...
>
> You'll have to re-write the stack - no simple matter.

Other people have already done the job. See Julian Anastasov's
Send-To-Self patch for example. <http://www.ssi.bg/~ja/#loop>

Robert Nichols a écrit :
> On 07/29/2012 08:43 PM, Moe Trin wrote:
>> (E-Mail Removed) wrote:
>> ]] For testing a network with only one piece of hardware available,
>> ]] a virtual machine setup might help (e.g. VirtualBox or VMWare).
>>
>> It may actually be less of a hassle to just find a second real box.
>
> Or, just stick a NAT router between the two ports and configure its
> forwarding so that your box doesn't realize it's talking to itself.

The box can even do it itself with iptables DNAT and SNAT rules and ARP
static entries.