I'll have to set up a few servers, each with 2 network interfaces. Since I am new to server configuration and networks, I am currently trying to simulate everything on virtual machines.

Each server will have 2 NICs, eth0 and eth1. All eth0 will be connected to a gateway and through that to the internet. All eth1 will be connected to a private switch. eth0 should be used for all external traffic (internet). All traffic between the servers should go only through each server's eth1 (without using the gateway).

If I understand everything right, I have to define (static) routes. What I don't really get are the netmasks and if I have to set up a route for every server or if I have to define one route with a specific netmask to cover all the eth1 IP addresses.

Let's say:

Server A eth0 has the IP 192.168.1.91 (will be later internet).
Server A eth1 has the IP 192.168.1.92 (local network).

Server B eth0 has the IP 192.168.1.93 (will be later internet).
Server B eth1 has the IP 192.168.1.94 (local network).

Server C eth0 has the IP 192.168.1.95 (will be later internet).
Server C eth1 has the IP 192.168.1.96 (local network).

I've defined a route now on Server A:

route add -net 192.168.1.94 netmask 255.255.255.255 dev eth1
route add -net 192.168.1.96 netmask 255.255.255.255 dev eth1

ip route get 192.168.1.94 results in

192.168.1.94 dev eth1  src 192.168.1.91

ip route get 192.168.1.96 results in

192.168.1.96 dev eth1  src 192.168.1.91

If I understand it right, then packets to 192.168.1.94 (and 96) will now be sent through eth1. But why is the source IP 192.168.1.91, even if this is eth0 and eth1 would be 192.168.1.92? Is there any possibility to see on Server B from which IP on Server A a request came? Let's say I make on Server A something like ping 192.168.1.93, can I check then on Server B from which IP that ping request came?

antesoles
  • All of those IPs are on the same network. – jordanm Feb 23 '17 at 21:00
  • Currently yes in my simulation. But they won't later in the "real world" setup. Would it be different then in the routing? – antesoles Feb 23 '17 at 21:01
  • Traffic on a LAN is not routed. LAN traffic is sent via layer-2, e.g. MAC address. Layer-2 has no concept of routing, that is a layer-3, e.g. IP, thing. – Ron Maupin Feb 23 '17 at 21:30
  • Does that mean that if eth0 will be connected to a gateway/internet and eth1 as LAN to the switch, I don't have to define any routes? – antesoles Feb 23 '17 at 21:33
  • Even for testing, you should move all of your eth0's out of the 192.168.1.0/24 network. Then if each server addresses the other servers by their 192.168.1.0/24 addresses, the traffic will naturally flow the way you want it to, without defining any routes. – Jeremy Dover Feb 23 '17 at 22:00
  • Ok, I've changed the eth1s to 10.0.0.x/8. Now ip route get results in what I wanted. And I think I understand now what it means to have separate networks even if it's physically one. – antesoles Feb 23 '17 at 22:21

1 Answer

You should be able to get away with just a default route.

As explained by @RonMaupin, your private network requires no routing, it is layer 2, so hosts can 'find' one another. You do though need to use the private IPs (or hostnames) in any configuration where this matters.

For your internet NICs, you would configure their IPs, and set your system's default route to whatever your internet gateway is.

How exactly you do that depends on what you're using, but on CentOS/RedHat/Fedora, assuming your internet gateway to have an IP of 10.0.0.1, I would edit /etc/sysconfig/network to add:

GATEWAY=10.0.0.1

  • Thank you. The setup of the external network wasn't problematic. I did have trouble with the internal network though. Found out that the hoster set up all switches (or whatever it is that they call a private switch) to use a specific gateway. No idea how I could have found that out without contacting them. – antesoles Mar 04 '17 at 20:41
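
The layout discussed in this thread, as an added example that is not part of the original question, answer or comments: a simplified model of `ip route get` (connected routes plus a default route, longest-prefix match, source address taken from the egress interface) showing why overlapping subnets on eth0 and eth1 are ambiguous and why peers must be addressed by their private IPs to keep traffic on the private switch. The function names, the /24 prefix on the question's addresses, and the host addresses 10.0.0.92 and 10.0.0.94 are assumptions made for illustration.

```python
import ipaddress

# Server A before the change (both NICs in 192.168.1.0/24, as in the question)
ORIGINAL = {"eth0": "192.168.1.91/24", "eth1": "192.168.1.92/24"}
# Server A after moving eth1 to 10.0.0.x/8; the host part .92 is constructed
FIXED = {"eth0": "192.168.1.91/24", "eth1": "10.0.0.92/8"}


def connected(ifaces):
    """One connected route per interface: (address-with-prefix, device)."""
    return [(ipaddress.ip_interface(cidr), dev) for dev, cidr in ifaces.items()]


def overlapping(ifaces):
    """Interface pairs whose subnets overlap, i.e. the ambiguous layout."""
    routes = connected(ifaces)
    return [(a_dev, b_dev)
            for i, (a, a_dev) in enumerate(routes)
            for b, b_dev in routes[i + 1:]
            if a.network.overlaps(b.network)]


def route_get(ifaces, default_dev, dst):
    """Simplified `ip route get`: longest-prefix match over connected routes,
    else the default route via default_dev. Returns (device, source IP)."""
    dst = ipaddress.ip_address(dst)
    matches = [(iface, dev) for iface, dev in connected(ifaces)
               if dst in iface.network]
    if matches:
        iface, dev = max(matches, key=lambda m: m[0].network.prefixlen)
    else:
        iface, dev = next(r for r in connected(ifaces) if r[1] == default_dev)
    return dev, str(iface.ip)


if __name__ == "__main__":
    print("overlap before:", overlapping(ORIGINAL))
    print("overlap after: ", overlapping(FIXED))
    # Peer addressed by private IP, by its eth0 IP, and an outside host
    # (10.0.0.94 is constructed; 203.0.113.10 is a documentation address)
    for dst in ("10.0.0.94", "192.168.1.93", "203.0.113.10"):
        print(dst, "->", route_get(FIXED, "eth0", dst))
```

Addressing Server B by its eth0 address (192.168.1.93) still leaves via eth0 in the fixed layout, which is why services meant to stay internal should be configured with, and bound to, the private addresses.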