Date: Fri, 27 Jul 2001 15:04:03 -0600 (MDT) From: Fred Clift <fclift@verio.net> To: Steven Ames <steve@virtual-voodoo.com> Cc: "Jonathan M. Slivko" <jslivko@blinx.net>, Chris Dillon <cdillon@wolves.k12.mo.us>, freebsd-hackers@FreeBSD.ORG Subject: Re: Why two cards on the same segment... Message-ID: <Pine.BSF.4.21.0107271454430.85374-100000@vespa.dmz.orem.verio.net> In-Reply-To: <00fa01c11615$73cccb10$28d90c42@eservoffice.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 26 Jul 2001, Steven Ames wrote: > public IP space. I might be off here but I think the real problem with > two seperate networks on one card (or even on two cards) would be > the default route (can't have two right?) and which IP address gets > used as the 'source IP' on packets leaving the system. I used to work in an organization where there were political reasons for having multiple IP networks on one physical wire. (Take a class B net and poorly subnet it and then run it through a ringer of university politics for 10 years....). We started with boxes with multiple ips on different 'networks' on the same physical wire so that clients on those networks would have to go out to the router (router config out of my direct control -- just one 10B2 wire hanging out of a wall...) and back. An even more ugly/elegant solution to multiple IP subnets on the same wire is to use proxy-arp for routing. Set your own IP (or your net interface, depending on the os) as your default gateway and you think whole world is on the local lan. The router doing proxy arp sends it's mac address for arps for any boxes it knows are not on your local network, otherwise, all the boxes find each other and speak without talking to the router. With decent arp caching you dont see much extra traffic at all and it more than makes up for all the 'double' in/out traffic we saw going to the router. We had like 8 /24's all of which were not adjacent or supernettable. Backbone traffic dropped to about 10% of 'normal' when we switched over most boxes. Ugly, but it works :). Fred -- Fred Clift - fclift@verio.net -- Remember: If brute force doesn't work, you're just not using enough. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0107271454430.85374-100000>