I'm attempting to setup a server that needs to have interfaces on the same IP subnet, but different VLANs:
eth1.102 Link encap:Ethernet HWaddr 00:50:56:b1:00:0f
inet addr:10.1.1.6 Bcast:10.1.1.255 Mask:255.255.255.0
eth1.103 Link encap:Ethernet HWaddr 00:50:56:b1:00:0f
inet addr:10.1.1.12 Bcast:10.1.1.255 Mask:255.255.255.0
The issue I'm seeing is that when an ARP request comes in from a device on one of the subnets, the server only responds to the ARP on one interface and appears to ignore any ARP on the other interface:
1st interface:
# ping -I eth1.102 10.1.1.1
PING 10.1.1.1 (10.1.1.1) from 10.1.1.6 eth1.102: 56(84) bytes of data.
^C
--- 10.1.1.1 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 7008ms
2nd interface:
# ping -I eth1.103 10.1.1.1
PING 10.1.1.1 (10.1.1.1) from 10.1.1.12 eth1.103: 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=0.400 ms
64 bytes from 10.1.1.1: icmp_seq=2 ttl=64 time=0.332 ms
^C
(for the record, 10.1.1.1 exists on both subnets in both VLANs)
# arp -an
? (10.1.1.1) at 02:00:1a:f2:00:02 [ether] on eth1.103
? (10.1.1.1) at 02:00:72:a3:00:08 [ether] on eth1.102
Even if I ping from the client device to the specific IP of the server interface it is still ignored on one and responds on the other.
Ubuntu has a few arp/spoofing filters by default, so I've turned off what I can find, i.e.
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0
I've seen a fair few questions with similar issues but that's usually with ARP flux because its the same segment (not separated by VLAN) and the ARP request is being replied to by both, which isn't the case here. If I tcpdump both interfaces, the ARP coming in that doesn't get replied to is not seen anywhere on any other interfaces (thinking along the lines its responding on a different interface) - it just seems to silently ignore the request.
Anyone come across this before?
EDIT:
Okay feel like a bit of an idiot, but might help others...
I was in the right area by disabling rp_filter, but presumably because it is on by default with Ubuntu it had applied it to all interfaces, so whilst I'd set rp_filter=0 for the two listed entries above, the per-interface settings were still 1, thus..
# sysctl -w net.ipv4.conf.eth1/102.rp_filter=0
# sysctl -w net.ipv4.conf.eth1/103.rp_filter=0
... did the trick.