two interfaces one subnet
- Subject: two interfaces one subnet
- From: dholmes at mwdh2o.com (Holmes,David A)
- Date: Mon, 11 May 2009 15:27:13 -0700
- In-reply-to: <[email protected]>
- References: <[email protected]>
I think the idea of one interface per subnet originates in the early
RFCs, such as RFC 1009 "Requirements for Internet Gateways":
"Section 1.1.2 Networks and Gateways
... A gateway is connected to two or more networks, appearing to
each of these networks as a connected host. Thus, it has a
physical interface and an IP address on each of the connected
networks ... "
So by using singular terminology ("a connected host", "a physical
interface", "an IP address") instead of plural, a single interface per
subnet for gateways (read routers) is implied.
This is not to say that it will not work, at least on servers. Standards
aside, a good reason why this is not a best practice is the concept of
asynchronous routing where a packet arrives on one interface, and the
reply leaves on the other interface with a different source IP on the
reply. Most firewalls will reject packets such as this.
-----Original Message-----
From: Chris Meidinger [mailto:cmeidinger at sendmail.com]
Sent: Monday, May 11, 2009 1:29 PM
To: nanog at nanog.org
Subject: two interfaces one subnet
Hi,
This is a pretty moronic question, but I've been searching RFCs on-and-off
for a couple of weeks and can't find an answer. So I'm hoping
someone here will know it offhand.
I've been looking through RFCs trying to find a clear statement that
having two interfaces in the same subnet does not work, but can't find
that statement anywhere.
The OS in this case is Linux. I know it can be done with clever
routing and prioritization and such, but this has to do with vanilla
config, just setting up two interfaces in one network.
I would be grateful for a pointer to such an RFC statement, assuming
it exists.
Thanks!
Chris
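Added example, not part of the original thread: a check for the setup discussed above, a Linux host with more than one interface addressed in the same IPv4 subnet, run over constructed `ip -o -4 addr show` output. The function names and sample addresses are assumptions for illustration; the check also flags overlapping prefixes of different length, which goes slightly beyond the thread's case.

```python
import ipaddress
import itertools

# Constructed sample of `ip -o -4 addr show` output (not taken from the thread).
# eth0 carries a primary and a secondary address; eth1 sits in an overlapping /25.
SAMPLE = r"""
1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0\       valid_lft forever preferred_lft forever
2: eth0    inet 192.0.2.20/24 brd 192.0.2.255 scope global secondary eth0\       valid_lft forever preferred_lft forever
3: eth1    inet 192.0.2.11/25 brd 192.0.2.127 scope global eth1\       valid_lft forever preferred_lft forever
4: eth2    inet 198.51.100.5/24 brd 198.51.100.255 scope global eth2\       valid_lft forever preferred_lft forever
"""


def parse_addrs(text):
    """Yield (ifname, IPv4Interface) for every 'inet' line of `ip -o -4 addr show`."""
    for line in text.splitlines():
        fields = line.split()
        # Layout: "<index>:" "<ifname>" "inet" "<addr>/<prefix>" ...
        if len(fields) >= 4 and fields[2] == "inet":
            yield fields[1], ipaddress.ip_interface(fields[3])


def same_subnet_pairs(text):
    """Return (if_a, addr_a, if_b, addr_b) for addresses on *different*
    interfaces whose connected networks overlap."""
    entries = [(name, iface) for name, iface in parse_addrs(text)
               if not iface.ip.is_loopback]
    pairs = []
    for (n1, i1), (n2, i2) in itertools.combinations(entries, 2):
        # Secondary addresses on one interface are normal; only flag
        # the case where two distinct interfaces share the subnet.
        if n1 != n2 and i1.network.overlaps(i2.network):
            pairs.append((n1, str(i1), n2, str(i2)))
    return pairs


if __name__ == "__main__":
    for if_a, addr_a, if_b, addr_b in same_subnet_pairs(SAMPLE):
        print(f"{if_a} ({addr_a}) and {if_b} ({addr_b}) share a subnet")
```

On a live host, pass the real command output to `same_subnet_pairs()` in place of `SAMPLE`.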