2 NICs on 1 Host

I'm a total noob on this and I don't have any time to figure out how to do this since I'm stressed with school now. We're wrapping up the quarter in two weeks.

Here's what I'm trying to do. I have a linux box, Ubuntu 10.04 (actually a dual boot environment) with 2 PCI NICs and one integrated NIC of course.

Integrated NIC: eth0 (main NIC use to get on the World Wide Web) disable for now

(below is for strictly experimentation purpose)
1st PCI NIC: eth1 - 192.168.2.2 MASK: 255.255.255.0 GW: none
2nd PCI NIC: eth2 - 192.168.2.3 MASK: 255.255.255.0 GW: none

I have attached straight twisted pairs from both NICs to an unmanaged switch.

I'm trying to save resources, and instead of having two separate PCs, I thought I can isolate each NIC through virtualization. I plan to use the NIC to connect it to the cloud in GNS3 and bridge the NIC in VirtualBox. However, before I attempt any of that, I set up Wireshark capture on each NIC in promiscuous mode and executed the command:

ping -I eth1 192.168.2.3

And I got "Destination Host Unreachable." I only see ARP broadcasts coming from eth1 on both Wireshark captures. And yes, I'm logged in as root. Do you have any idea what I did wrong? I hope I can accomplish this so I don't have to waste money buying another computer.

Find more posts tagged with

Comments

ehnde

hiddenknight821 wrote: »

I'm a total noob on this and I don't have any time to figure out how to do this since I'm stressed with school now. We're wrapping up the quarter in two weeks.

Here's what I'm trying to do. I have a linux box, Ubuntu 10.04 (actually a dual boot environment) with 2 PCI NICs and one integrated NIC of course.

Integrated NIC: eth0 (main NIC use to get on the World Wide Web) disable for now

(below is for strictly experimentation purpose)
1st PCI NIC: eth1 - 192.168.2.2 MASK: 255.255.255.0 GW: none
2nd PCI NIC: eth2 - 192.168.2.3 MASK: 255.255.255.0 GW: none

I have attached straight twisted pairs from both NICs to an unmanaged switch.

I'm trying to save resources, and instead of having two separate PCs, I thought I can isolate each NIC through virtualization. I plan to use the NIC to connect it to the cloud in GNS3 and bridge the NIC in VirtualBox. However, before I attempt any of that, I set up Wireshark capture on each NIC in promiscuous mode and executed the command:

ping -I eth1 192.168.2.3

And I got "Destination Host Unreachable." I only see ARP broadcasts coming from eth1 on both Wireshark captures. And yes, I'm logged in as root. Do you have any idea what I did wrong? I hope I can accomplish this so I don't have to waste money buying another computer.

What's the output of ifconfig? Is eth2 up?

My own personal experience trying to bridge NICs with KVM is it's a pain in the ass.

Forsaken_GA

Is there a particular reason you're trying to put 2 NIC's on the same machine into the same subnet?

Forsaken_GA

well, I'll be a little more helpful.

I would strongly recommend you not put both NIC's in the same subnet, unless you have a very pressing reason to do so.

if you absolutely must do it that way, do some research into the arp_filter kernel variable

hiddenknight821

root@ubuntu-desktop:~# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:1d:92:f6:9f:2f
inet addr:192.168.1.113 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21d:92ff:fef6:9f2f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:128526 errors:0 dropped:0 overruns:0 frame:0
TX packets:77717 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:164319344 (164.3 MB) TX bytes:7644821 (7.6 MB)
Interrupt:28 Base address:0x8000

eth1 Link encap:Ethernet HWaddr 1c:bd:b9:87:07:01
inet addr:192.168.2.2 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::1ebd:b9ff:fe87:701/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:81 errors:0 dropped:0 overruns:0 frame:0
TX packets:278 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13073 (13.0 KB) TX bytes:40716 (40.7 KB)
Interrupt:16 Base address:0x4800

eth2 Link encap:Ethernet HWaddr 1c:bd:b9:87:06:fe
inet addr:192.168.2.3 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::1ebd:b9ff:fe87:6fe/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:161 errors:0 dropped:0 overruns:0 frame:0
TX packets:82 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:22207 (22.2 KB) TX bytes:11941 (11.9 KB)
Interrupt:21 Base address:0xac00

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1325 errors:0 dropped:0 overruns:0 frame:0
TX packets:1325 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:103356 (103.3 KB) TX bytes:103356 (103.3 KB)

vboxnet0 Link encap:Ethernet HWaddr 0a:00:27:00:00:00
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 TX bytes:0 (0.0

Why would putting both NICs in the same subnet be a problem? Like I said, they are physically attached to a unmanaged switch, so they have to be on the same subnet to communicate with each other. Don't forget that I was able to see the ARP request on my et02 while doing wireshark capture. Man, this is worth an experiment that everybody should try since so far none of you could figure this out. Thanks though.

varelg

hiddenknight821 wrote: »

(below is for strictly experimentation purpose)
1st PCI NIC: eth1 - 192.168.2.2 MASK: 255.255.255.0 GW: none
2nd PCI NIC: eth2 - 192.168.2.3 MASK: 255.255.255.0 GW: none
... and executed the command:

ping -I eth1 192.168.2.3

And I got "Destination Host Unreachable." I only see ARP broadcasts coming from eth1 on both Wireshark captures. And yes, I'm logged in as root. Do you have any idea what I did wrong? I hope I can accomplish this so I don't have to waste money buying another computer.

Also, GW none?

Forsaken_GA

hiddenknight821 wrote: »

Why would putting both NICs in the same subnet be a problem?

That's a very good question. Did you just dismiss me out of hand, or did you actually do some research on the subject? I'm not just talking out of my ass

Did you actually look at the contents of those ARP conversations that you captured?

Like I said, they are physically attached to a unmanaged switch, so they have to be on the same subnet to communicate with each other. Don't forget that I was able to see the ARP request on my et02 while doing wireshark capture. Man, this is worth an experiment that everybody should try since so far none of you could figure this out. Thanks though.

I actually already know the problem, and the solution, and I've already pointed you in the right direction. It's up to you to follow up. I'll give you another suggestion as well - If I'm understanding what you're trying to do, you're basically just trying to get a pair of interfaces up to play with, all they need is local connectivity and not connectivity to another box across your unmanaged switch. If that's the case, you're going about this the wrong way. Look into adding some loopback interfaces.

Forsaken_GA

varelg wrote: »

Also, GW none?

Not really an issue, he's essentially creating a backend private network where no traffic would necessarily have to leave the subnet. You only need a gateway if you need to talk to nodes outside of your own subnet.

mikej412

hiddenknight821 wrote: »

this is worth an experiment that everybody should try since so far none of you could figure this out.

What's to figure out?

The issue -- and the solution of changing the

Forsaken_GA wrote: »

arp_filter kernel variable

was documented at least as far back as 2007. That's when I added multiple 4 port Ethernet cards to a couple of my Linux systems to use with Dynamips -- and I avoided the issue/problem by changing that kernel variable.

varelg

Forsaken_GA wrote: »

Not really an issue, he's essentially creating a backend private network where no traffic would necessarily have to leave the subnet. You only need a gateway if you need to talk to nodes outside of your own subnet.

And he WILL need to talk outside of its subnet.

Forsaken_GA

varelg wrote: »

And he WILL need to talk outside of its subnet.

Well, that depends. It sounds like all he's trying to do bridge some VM's to a GNS3 cloud, so not necessarily. The machines just need to be able to talk amongst each other, not talk to the public internet

Chris:/*

Just for a reference you do not need two separate NICs for this. You could run a virtual NIC in linux by adding another configuration file a few other tidbits for an adapter designated like this eth0:1. This effectively allows one NIC to act as two interfaces.

Assign Virtual IPs to your NIC

BTW the reason you are getting destination host unreachable is because you put in the wrong IP.

If you want specific traffic to go out one NIC or the other you have to set up a route stating that otherwise Linux will always default to the first adapter IF they are on the same subnet.

hiddenknight821

After finding the time to play around with my linux box, I must say Josh is the man!

I find his link on interface bridging very resourceful. I finally figured out exactly what I wanted to do with my NICs. Although, I still couldn't understand why both of my NIC couldn't communicate with each other directly, which it should. But when I hooked it to a router, it works. So, I guess you guys might be right. I can't place it in the same subnet.

In the link above, it works for only Debian-based distro, and you would have to download and install two packages: uml-utilities and bridge-utils to be able to use tunctl and brctl commands. I used Ubuntu 10.04, and I gotta say I frigging love my linux box. Although, I need to do some hardware upgrade in the future to run more virtualization.

What I did was that I created a bridge group interface (br0), where eth1 and tap0 (which I created with tunctl command) interfaces are able to communicate with each other. I'm assuming the bridge group is sort of like a hub. My GNS3 uses the tap0 interface to communicate with the computer. I can even have my XP guest in VirtualBox to communicate with the routers in GNS3 using the bridge (br0) interface. And the sweetest thing about it is that I can run SDM flawlessly. Gosh, I am in love with my linux box. It amazes me with what it can deliver utilizing the virtualization technology. I think I would lose my mind if I use Windows as my primary OS to attempt what I'm trying to accomplish.

Thank you everyone for your inputs. I'm glad this experiment is over. Time for me to start routing and switching.

Forsaken_GA

hiddenknight821 wrote: »

Although, I still couldn't understand why both of my NIC couldn't communicate with each other directly, which it should. But when I hooked it to a router, it works. So, I guess you guys might be right. I can't place it in the same subnet.

By default, Linux kernels will reply to ARP requests on every interface for every IP they own.

I'll leave it to you to figure out why this is bad in the situation you were trying to setup

varelg

hiddenknight821 wrote: »

After finding the time to play around with my linux box, I must say Josh is the man! I find his link on interface bridging very resourceful. I finally figured out exactly what I wanted to do with my NICs. Although, I still couldn't understand why both of my NIC couldn't communicate with each other directly, which it should. But when I hooked it to a router, it works. So, I guess you guys might be right. I can't place it in the same subnet.

In the link above, it works for only Debian-based distro, and you would have to download and install two packages: uml-utilities and bridge-utils to be able to use tunctl and brctl commands. I used Ubuntu 10.04, and I gotta say I frigging love my linux box. Although, I need to do some hardware upgrade in the future to run more virtualization.

What I did was that I created a bridge group interface (br0), where eth1 and tap0 (which I created with tunctl command) interfaces are able to communicate with each other. I'm assuming the bridge group is sort of like a hub. My GNS3 uses the tap0 interface to communicate with the computer. I can even have my XP guest in VirtualBox to communicate with the routers in GNS3 using the bridge (br0) interface. And the sweetest thing about it is that I can run SDM flawlessly. Gosh, I am in love with my linux box. It amazes me with what it can deliver utilizing the virtualization technology. I think I would lose my mind if I use Windows as my primary OS to attempt what I'm trying to accomplish.

Thank you everyone for your inputs. I'm glad this experiment is over. Time for me to start routing and switching.

Oh where to start...
Congratulations on your succesful experiment, it is always fun to read how experiments started with the objective of the said experiment being unclear/not set.
Now that you are clear on both what you needed to achieve and how to achieve, perhaps you'll take the time to look at the alternatives to the path you took. Do you also you know why did it work?
Comparing a desktop client OS to server OS is like comparing apples to oranges. You use hammer to hit the nail in the wall and screwdriver for a screw.
Good luck with your study, what is:
- the next experiment on your list, and
- your experience with the amazon cloud and why did you choose it.