Oleg Goldshmidt wrote: > Shachar Shemesh <shac...@shemesh.biz> writes: > > >> Do the following experiment. Connect the 100 card to a network, and >> from another computer ping the 101 address while a sniffer is >> running. You will see an ARP reply going out from the 100 card, >> carrying the 100 MAC address, and the ping will succeed despite the >> 101 card being disconnected. Why? Because the computer says "I know >> how to reach 101 - it's my IP, so if the ARP reached the 100 card, >> it's probably a good MAC address to respond with". >> > > Let me first make a disclaimer that I have not tried it myself in this > configuration, but here is what *might* point you towards a > solution. It may also turn out a dead end, mind you. > > Try to use iproute2 to created multiple routing tables by policy. In > principle, iproute2 should enable you to create multiple routing > tables per process (you need "policy routing" enabled in the kernel, > too). Configure routing rules per destination host in such a way that > traffic intended to 101 goes out of device eth0, and traffic intended > to 100 goes out of device eth1. > > Google for more descriptions and explanations for "multiple default > gateways linux" or some such. Some links that (say similar things and) > may be of help are > > http://www.clintoneast.com/articles/multihomed.php > http://lartc.org/howto/lartc.rpdb.multiple-links.html > http://linux-ip.net/html/adv-multi-internet.html > http://kindlund.wordpress.com/2007/11/19/configuring-multiple-default-routes-in-linux/ > > Once again, I am not saying it is a solution for you problem, just > something that might help you work it out, if it is at all possible. > > >> The most immediate solution is to run a virtual machine, and give it >> exclusive access to one of the NICs. This way you can configure, for >> example, the 100 address in the real machine and the 101 address in >> the virtual one. >> > > But this does not necessarily mean packets will go out of the machine > - hypervisors include local (in-box) switching nowadays. > > It seems that I've unintentionally opened a Pandora's Box with this one. For the moment I've grabbed the iproute2 "howto" , which is available from one of Oleg's links, above. (It's installed on all 3 of my Linux boxes by default.)
Heavy homework for what I'd hoped was a rather simple problem! About using virtual machines: (1) It's heavy fisted - even if it works (2) It's self defeating - My 2 Linux "test" boxes are each P IIs with limited memory running a minimal SuSE 9.2 installation. Enough for now. D
begin:vcard fn:Daniel Feiglin n:Feiglin;Daniel adr:;;POB 36;Shavei Shomron;Doar Na;44858;ISRAEL email;internet:dilog...@inter.net.il tel;work:972 9 8616204 tel;fax:972 9 8621052 tel;pager:Skype user ID: baba_danny tel;home:972 9 8320939 tel;cell:927 52 3869986 version:2.1 end:vcard
_______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
