two interfaces one subnet
dholmes at mwdh2o.com
Mon May 11 17:27:13 CDT 2009
I think the idea of one interface per subnet originates in the early
RFCs, such as RFC 1009 "Requirements for Internet Gateways":
"Section 1.1.2 Networks and Gateways
... A gateway is connected to two or more networks, appearing to
each of these networks as a connected host. Thus, it has a
physical interface and an IP address on each of the connected
networks ... "
So by using singular terminology ("a connected host", "a physical
interface", "an IP address") instead of plural, a single interface per
subnet for gateways (read routers) is implied.
This is not to say that it will not work, at least on servers. Standards
aside, a good reason why this is not a best practice is the concept of
asynchronous routing where a packet arrives on one interface, and the
reply leaves on the other interface with a different source IP on the
reply. Most firewalls will reject packets such as this.
From: Chris Meidinger [mailto:cmeidinger at sendmail.com]
Sent: Monday, May 11, 2009 1:29 PM
To: nanog at nanog.org
Subject: two interfaces one subnet
This is a pretty moronic question, but I've been searching RFCs on-and-off
for a couple of weeks and can't find an answer. So I'm hoping
someone here will know it offhand.
I've been looking through RFCs trying to find a clear statement that
having two interfaces in the same subnet does not work, but can't find
that statement anywhere.
The OS in this case is Linux. I know it can be done with clever
routing and prioritization and such, but this has to do with vanilla
config, just setting up two interfaces in one network.
I would be grateful for a pointer to such an RFC statement, assuming
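Added example, not part of the original thread: a minimal connection-tracking model of the case the reply at the top describes, where the response leaves a two-interface host carrying the other interface's address as its source and a stateful firewall finds no matching flow. The addresses, ports and interface names are constructed sample values, and the source-address choice models the behaviour described in the reply rather than any particular OS.

```python
from typing import NamedTuple


class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int


class StatefulFirewall:
    """Tracks flows opened by the client; admits only replies that mirror one."""

    def __init__(self):
        self.flows = set()

    def from_client(self, pkt):
        # A client-initiated packet creates (or refreshes) a tracked flow.
        self.flows.add(pkt)
        return "ACCEPT"

    def from_server(self, pkt):
        # A reply is valid only if swapping its endpoints yields a tracked request.
        expected_request = Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "ACCEPT" if expected_request in self.flows else "DROP"


# Constructed sample host: two interfaces, both in 192.0.2.0/24.
SERVER_IFACES = {"eth0": "192.0.2.10", "eth1": "192.0.2.11"}


def build_reply(request, egress_iface):
    # Assumption: the reply is sourced from the address of the interface it leaves on.
    return Packet(SERVER_IFACES[egress_iface], request.dport, request.src, request.sport)


def simulate():
    """Send one request to eth0's address, then reply via each interface in turn."""
    fw = StatefulFirewall()
    request = Packet("198.51.100.7", 40000, SERVER_IFACES["eth0"], 53)
    fw.from_client(request)
    return {iface: fw.from_server(build_reply(request, iface)) for iface in SERVER_IFACES}


if __name__ == "__main__":
    for iface, verdict in simulate().items():
        print(f"reply via {iface}: {verdict}")
```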