PROBLEM
I have two network interfaces set up on my vagrant node. The eth1
is bound to .11
address and eth2
is bound to .12
.
When I do:
ping 192.168.1.12
and
ping 192.168.1.11
... and listen to the ICMP messages on the node on different interfaces
root@node1:/home/vagrant# tcpdump -i eth1 -v icmp -nn
For eth1
I'm getting the ICMP's, but when doing
root@node1:/home/vagrant# tcpdump -i eth2 -v icmp -nn
I do not see my ping requests on tcpdump. However if I send the ping requests to the .12
and listen to the eth1
I see the requests, which is strange to me. So all the ICMP messages are visible in tcpdump when I listen on the eth1
interface - even when I ping the .12
address.
I was expecting to see the requests comming to eth1
when .11
was ping'ed and comming to eth2
when .12
was pind'ed - why is this not the case?
UPDATE 1:
Broadcast ping is visible when listening to 192.168.1.12 with tcpdump:
root@node1:/home/vagrant# tcpdump -i eth2 -v icmp -nn and src host 192.168.1.10
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
05:30:21.800964 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.10 > 192.168.1.255: ICMP echo request, id 28770, seq 1, length 64
05:30:22.800953 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
UPDATE 2:
Broadcasts indicated that there is something wrong on L2 and MAC addresses - indeed the host that hosts vagrant has this ARP table
mindaugas@Mindaugas-Lenovo-Y50-70:~$ arp -an
? (192.168.1.1) at xxxxxxxx [ether] on wlan0
? (192.168.1.12) at 08:00:27:82:f6:0c [ether] on wlan0
? (192.168.1.11) at 08:00:27:82:f6:0c [ether] on wlan0
Even though the interfaces have these:
eth1 Link encap:Ethernet HWaddr 08:00:27:82:f6:0c
inet addr:192.168.1.11 Bcast:192.168.1.255 Mask:255.255.255.0
eth2 Link encap:Ethernet HWaddr 08:00:27:7b:8d:fd
inet addr:192.168.1.12 Bcast:192.168.1.255 Mask:255.255.255.0
Added the MAC address to ARP table:
? (192.168.1.12) at 08:00:27:7b:8d:fd [ether] PERM on wlan0
? (192.168.1.11) at 08:00:27:82:f6:0c [ether] PERM on wlan0
But now,I can see the datagrams comming on eth0
, but I do not get the ping reply messages! ... I wonder why that is?
UPDATE 3:
Tried on my other laptop with virtual box installed and a linux box as a VM. Added two interfaces - both bridged adapters. Same behavior. So this is related to virtual box or something more general (like me not understanding how virtual nics work), not necessarily vagrant.
DATA USED:
My ifconfig on the vagrant node:
root@node1:/home/vagrant# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:ca:3e:f9
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:feca:3ef9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:872 errors:0 dropped:0 overruns:0 frame:0
TX packets:689 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:77679 (77.6 KB) TX bytes:78655 (78.6 KB)
eth1 Link encap:Ethernet HWaddr 08:00:27:82:f6:0c
inet addr:192.168.1.11 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe82:f60c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:52 errors:0 dropped:0 overruns:0 frame:0
TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7362 (7.3 KB) TX bytes:6796 (6.7 KB)
eth2 Link encap:Ethernet HWaddr 08:00:27:7b:8d:fd
inet addr:192.168.1.12 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe7b:8dfd/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:18 errors:0 dropped:0 overruns:0 frame:0
TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2444 (2.4 KB) TX bytes:2520 (2.5 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1184 (1.1 KB) TX bytes:1184 (1.1 KB)
My vagrantfile:
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.define "node1" do |node1|
node1.vm.box = "ubuntu/trusty64"
node1.vm.hostname = "node1"
config.vm.network :public_network, type: "dhcp", bridge: "wlan0"
config.vm.network :public_network, type: "dhcp", bridge: "wlan0"
# config.vm.network :public_network, bridge: "wlan0", ip: "192.168.1.251"
# config.vm.network :public_network, bridge: "wlan0", ip: "192.168.1.252"
config.vm.provider "virtualbox" do |v|
v.memory = 256
v.cpus = 2
end
end
The problem is that I'm assigning the two NICs to the same network, so IP routing will not work correctly.
Here is how the routing table in the vagrant host looks like:
root@node1:/home/vagrant# route -ne
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
Arp will be resolved with eth1 MAC, because eth1 will be used to send packets to 192.168.1.0/24 hosts.
As soon as I delete one route - the other starts to work.
Alsi, it does not matter whether I would use
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.eth0.arp_announce = 2
Because routing will still not work (even if I force correct ARP resolution (see the OP) the PING replies never get back to me (not sure why though)).
This illustrates an important concept in IP routing - IP is per host
, not per NIC
.
Some references:
Why arp ignore/annouce are not enable by default https://serverfault.com/questions/556943/multiple-nic-arp-issue
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.