Highlighted
Absent Member.
Absent Member.
1036 views

slesl10 server with 2 IP's on different segments

Hello,

I have a very basic linux/routing question to ask. I have a server with a 10.237.x.x address. Because of some legacy settings in the environment, a web service on the server needs to be accessable with a 10.30.x.x also. So i've set up the new NIC cards appropriately as far as I know, they are in the correct VLAN's. The default gateway i set up on the 10.237 network. My desktop PC happens to be on the 10.30 network but most aren't. So what I experience is that anyone on a network other than 10.30 can only reach the 10.237 address. My desktop which is on the 10.30 can only reach the 10.30 address. I went into the network settings and checked off the "enable IP forwarding box" but it didn't have any effect. Firewall is disabled. From my limited understanding, I thought that by clicking off the IP forwarding box this would fix the issue, that any traffic coming in to the 10.30 address would be able to route out the default gateway. Let me know what you guys think. Sorry if I've missed something basic.
Labels (2)
0 Likes
5 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: slesl10 server with 2 IP's on different segments

Technically this should be in the SLES forums, unless this is aon OES2 server?

Assuming this is on an OES2 server, you have two NIC attached directly to two diff. VLAN's

You should NOT enable routing (IP forwarding), IMO and you only need ONE default gateway on the server.

Since the IP's on the server NIC are direct attached, the server will "know" how to get to the respective VLAN's and thus only one bit of traffic will go through the one NIC.

By default, it seems that OES2 Linux will only bind/use NCP on the FIRST NIC that you used. So it's possible that's why you cant' "get" to the secondary NIC via NCP.

You should be able to PING the other IP on the 2nd NIC and have it respond and LDAP should be bound to that other network interface as well

I just setup two servers this way and things seem to work fine.

Note that we do NOT want our users or NCP using the secondary NIC on the other VLAN, hence disabling the routing (otherwise you can end up with funky traffic patterns cirumventing your VLAN setup)
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: slesl10 server with 2 IP's on different segments

kjhurni;2110831 wrote:
Technically this should be in the SLES forums, unless this is aon OES2 server?

Assuming this is on an OES2 server, you have two NIC attached directly to two diff. VLAN's

You should NOT enable routing (IP forwarding), IMO and you only need ONE default gateway on the server.

Since the IP's on the server NIC are direct attached, the server will "know" how to get to the respective VLAN's and thus only one bit of traffic will go through the one NIC.

By default, it seems that OES2 Linux will only bind/use NCP on the FIRST NIC that you used. So it's possible that's why you cant' "get" to the secondary NIC via NCP.

You should be able to PING the other IP on the 2nd NIC and have it respond and LDAP should be bound to that other network interface as well

I just setup two servers this way and things seem to work fine.

Note that we do NOT want our users or NCP using the secondary NIC on the other VLAN, hence disabling the routing (otherwise you can end up with funky traffic patterns cirumventing your VLAN setup)


I can't get it to work for some reason. I'm only testing with ping so far. My PC is on the 10.30 VLAN. When only one NIC address on the 10.237 is set up, I can ping it fine from my desktop. As soon as I configure the second server NIC on the 10.30 I can no longer reach 10.237 from my PC. On other devices which are on neither VLAN, I can only reach the 10.237 interface but not the 10.30. The default route is the gateway on 10.237. I've tried with/without IP forwarding and tried playing around with routes as much as I could (put everything back the way it was) and still no dice. Thanks.
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: slesl10 server with 2 IP's on different segments

What's your subnet masking?

I'm assuming with a 10.whatever since you mention 10.30 and 10.237 (is that the first two octets, or the last two octets)?

Our entire network is VLAN'd (all workstations on each floor, etc.) and ping works just fine in my setup, so I would guess that either NIC1 and NIC2 are not on two actual networks (would have to figure that out by your subnet mask) or your main routing setup in your routing gear isn't quite right.

You may want to ask this over in the regular SLES 10.x networking forums for basic networking stuff as I'm not quite the expert when it comes to all the native Linux commands when something odd like this doesn't work.

I don't maintain our Cisco network stuff (our datacom guys do that), but I know with two different networks and a NIC on each, that I didn't have to do anything differently with the OES2 server other than give it an IP on the other network and voila. Our core router handles all the routing between the VLANs
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: slesl10 server with 2 IP's on different segments

You're probably right, maybe there is some routing issue going on. These are two distinct networks and VLAN's, the gateways are actually on the same router. It should work. Thanks for your help.


kjhurni;2110903 wrote:
What's your subnet masking?

I'm assuming with a 10.whatever since you mention 10.30 and 10.237 (is that the first two octets, or the last two octets)?

Our entire network is VLAN'd (all workstations on each floor, etc.) and ping works just fine in my setup, so I would guess that either NIC1 and NIC2 are not on two actual networks (would have to figure that out by your subnet mask) or your main routing setup in your routing gear isn't quite right.

You may want to ask this over in the regular SLES 10.x networking forums for basic networking stuff as I'm not quite the expert when it comes to all the native Linux commands when something odd like this doesn't work.

I don't maintain our Cisco network stuff (our datacom guys do that), but I know with two different networks and a NIC on each, that I didn't have to do anything differently with the OES2 server other than give it an IP on the other network and voila. Our core router handles all the routing between the VLANs
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: slesl10 server with 2 IP's on different segments

Not a problem. Just make sure that you didn't add another gateway/route on the SLES/OES2 machine itself

I did that once and it wrecked things because I didn't realize that SLES saw the network as "direct-attached" and just handled things from there.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.