-1

I have several computers all connected to the same switch. Some computers are running RHEL, one is running CentOS.

The CentOS machine is connected with NIC 2 to switch 2, and NIC 1 to switch 1.

The RHEL machines are connected to switch 1.

Both switches are "unmanaged".

The CentOS machine has 2 NICs; I want to use the second NIC to connect to the switch with the RHEL machines. Please see attached picture:

enter image description here

The CentOS machine is connected to switch 1 with NIC 1 just so that we can quickly transfer files between the CentOS machine and the RHEL machines. The CentOS machine is connected to Switch 2 with NIC 2 because our department IT won't let it be connected to switch 1 for outside internet access. We want to use NIC 1 for local file transfers.

I'm wondering how to have the RHEL machines and the CentOS machine realize that they are connected on the same switch when transferring files. I am trying to accomplish this by using the second NIC on the CentOS machine.

I've tried setting both NICs to different static IP addresses. I set both to the same static IP address; it partially worked, but then connection through NIC 1 started working and connection through NIC 2 stopped working.

The CentOS computer doesn't have access to the DHCP server through switch 1. All of the RHEL machines through switch 1 are connected to the same DHCP server and we don't have administrative access to it. The problem is we can't connect the CentOS computer directly through switch 1 to the RHEL computers.

Veridian
  • 1
    `The CentOS machine is connected to switch 1 just so that we can quickly transfer files between the CentOS machine and the RHEL machines. The CentOS machine is connected to Switch 2 because our department IT won't let it be connected to switch 1.` - These two statements contradict each other. – joeqwerty Apr 16 '14 at 21:59
  • 1
    What have you tried and what did not work? This is a bog-standard network design for multihoming a system to multiple networks, there's nothing out of the ordinary I can see here. –  Apr 16 '14 at 22:08
  • I don't see where you describe any problem. You say you tried setting both NICs to different static IP addresses. Presumably that didn't work or you wouldn't be asking the question, right? So what went wrong? What is the actual problem? Are these two different networks or are these two switches in turn switches to each other? – David Schwartz Apr 16 '14 at 22:44
  • @DavidSchwartz, The CentOS computer doesn't have access to the DHCP server through switch 1. All of the RHEL machines through switch 1 are connected to the same DHCP server and we don't have administrative access to it. The problem is we can't connect the CentOS computer directly through switch 1 to the RHEL computers. – Veridian Apr 16 '14 at 23:07
  • Then you need to talk to your network admins to get a static IP address assigned to you for the second interface on the CentOS system. It needs an IP. It has to be an IP on the same subnet as the RHEL boxes if you want to talk directly. If you can't get an IP via DHCP, then you need to manually configure one. –  Apr 16 '14 at 23:11
  • @yoonix, There is no way to configure the switch somehow? Or configure the RHEL machines to inform them that the CentOS machine is connected to the same switch? Then we could use 'scp' to a specific IP we assign the NIC? The subnet that switch 1 is under is only for department managed computers and our IT department won't give us access to the DHCP server, so we were hoping to set up a local network with our group's department managed RHEL machines through switch 1 without affecting the RHEL machines' connectivity. – Veridian Apr 16 '14 at 23:15
  • No. Can you not just obtain a lease from the DHCP server and be done with it? If you cannot get an address assigned to the CentOS box that lives on the same subnet, you cannot talk to it via TCP/IP directly. You could in theory hack up something ugly that assigns another IP address to both the RHEL machine and the CentOS machine that are within the same 'other' subnet. If your network nazis won't let you touch the DHCP server, nor assign you a static address for the CentOS machine, I can't possibly imagine adding another IP subnet would make them happy. –  Apr 16 '14 at 23:22
  • @yoonix, No, we can't get another IP address for the CentOS machine, they only gave us 1 for NIC 2 connected to switch 2, which is on a different subnet than switch 1. Since we manage the CentOS machine, they won't let us connect NIC 2 to switch one; they won't let the machines be on the same subnet. In theory, if I could talk to the IT guys, what should I be asking for so I can make it less of a headache for them? – Veridian Apr 16 '14 at 23:28
  • 1
    Ask for an IP address on the same subnet as the RHEL machine you want to talk directly to. If that's not an option, then you'll need to give up the desire to talk directly and talk to it through a router between the two subnets. –  Apr 16 '14 at 23:30
  • You should really ask your IT Department to help you with that... – MichelZ Apr 17 '14 at 09:06

1 Answer

1

Well to start with, the CentOS machine should have a different IP on each NIC.

It seems that all of the servers are on the same subnet (please clarify). If this is the case, then you can force traffic to a specific nic by putting host routes on the CentOS server for the RHEL machines (assuming there are only a few this shouldn't be a problem). You should set the default gw to go via nic2 (route add default) and specific routes for each of the RHEL machines (route add ...). See the route man page for specific details.

If there are different subnets for nic1 and nic2, then yoonix's comment above is right, this is pretty standard and should just work.

MERM
  • The switches are on different subnets. The CentOS computer doesn't have access to the DHCP server through switch 1. All of the RHEL machines through switch 1 are connected to the same DHCP server and we don't have administrative access to it. – Veridian Apr 16 '14 at 22:58
  • Well, you could manually assign an IP to the CentOS nic on switch 1 in the same subnet as the RHEL machines and then it could talk to them. Then on the nic on switch 2 you could either manually assign or use DHCP to get an IP for Internet access. – MERM Apr 17 '14 at 04:25
  • Yes, well IT doesn't want the CentOS machine on the same subnet as the RHEL machines because the RHEL machines are department managed and the CentOS machine is managed by my group. IT fears that having the CentOS machine managed by us and on the same subnet could introduce a security hole in their system because my group would be responsible for ensuring the CentOS machine is secure (IT can't trust us to fully ensure this). Given that knowledge, is there anything you can see that would work? – Veridian Apr 17 '14 at 14:15
  • If the CentOS machine is not on the same subnet as the RHEL machines then you will have to go thru a router for them to talk. Switch 1 may have this functionality but from what you said IT prob. won't do this for you. You could connect from the RHEL machines (presumably on the Internet) to the public IP of the CentOS machine. This is kind of silly, going out to the Internet and back in, but it probably would satisfy your IT guys as the traffic would have to go through their firewalls. – MERM Apr 17 '14 at 15:12
  • MERM, I'm thinking what you mentioned already takes place, but not sure. The RHEL machines and CentOS machines can talk to each other, but through some higher level interface (of which I am not sure what exists). I want there to be a faster method of data transfer between the CentOS machine and the RHEL machines by connecting the second NIC of the CentOS machine to the same switch as the RHEL machines. Right now the connection when transferring files is relatively slow (much slower than transferring data between RHEL machines). – Veridian Apr 17 '14 at 15:17
  • Yes, going out and back in would be slower. Do the RHEL machines have a second NIC? You could directly connect a RHEL machine to the CentOS machine and use it as a gateway to the others. You would use a private IP subnet in this case. – MERM Apr 17 '14 at 15:24
  • Some of the RHEL machines have a second NIC. Since we don't have root access on these machines, could we even set up the second NIC? – Veridian Apr 17 '14 at 19:48
  • Without root access to the RHEL machines you can't set up the other nic. I think that at this point it is a political fight to try and convince your IT to put the CentOS machine in the RHEL subnet, failing that you will have to live with slow transfers. – MERM Apr 17 '14 at 19:52
  • I know I haven't given you full details of the setup (because I truly don't know them), but theoretically, do you think there is a potential security flaw if the CentOS machine is compromised and on the same subnet as the other machines (beyond these RHEL machines) that are IT department maintained? – Veridian Apr 17 '14 at 20:10
  • The CentOS machine (if compromised) could be used to attack (try to find security flaws and access) the RHEL machines on the same subnet. Being on the same subnet allows it to talk to those machines without going thru any firewall and thus would make it easier to exploit them. The RHEL machines would only have local firewalls (ipchains, ipfw, ...) to prevent intrusion, if there are any set up. – MERM Apr 17 '14 at 20:26
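
The routing decision this thread keeps returning to, as an added example that is not part of the original posts: a simplified longest-prefix route lookup showing when traffic from the CentOS machine to a RHEL host is delivered on-link and when it has to pass a router, which is where IT's firewall can filter it. The addresses (documentation ranges), the `nic1`/`nic2` names and the three tables are constructed assumptions; the thread gives no real addressing.

```python
import ipaddress
from typing import NamedTuple, Optional

class Route(NamedTuple):
    prefix: str             # destination network in CIDR form
    gateway: Optional[str]  # None = on-link, delivered directly through the switch
    dev: str                # outgoing interface

def lookup(table, dst):
    """Return the most specific route covering dst (longest-prefix match)."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in ipaddress.ip_network(r.prefix)]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda r: ipaddress.ip_network(r.prefix).prefixlen)

def crosses_router(table, dst):
    """True when the path leaves the local subnet, so a router/firewall sees it."""
    return lookup(table, dst).gateway is not None

# Constructed sample data: one RHEL host on the switch 1 subnet.
RHEL_HOST = "192.0.2.20"

# Case 1: CentOS only has its NIC 2 address, on a different subnet (current state).
SEPARATE = [
    Route("0.0.0.0/0", "198.51.100.1", "nic2"),
    Route("198.51.100.0/24", None, "nic2"),
]
# Case 2: NIC 1 is given an address inside the RHEL subnet.
SAME_SUBNET = SEPARATE + [Route("192.0.2.0/24", None, "nic1")]
# Case 3: the answer's host-route idea, with a /32 pinning one RHEL host to nic1.
HOST_ROUTE = [
    Route("0.0.0.0/0", "192.0.2.1", "nic2"),
    Route("192.0.2.0/24", None, "nic2"),
    Route("192.0.2.20/32", None, "nic1"),
]

if __name__ == "__main__":
    cases = [("separate", SEPARATE), ("same subnet", SAME_SUBNET), ("host route", HOST_ROUTE)]
    for name, table in cases:
        r = lookup(table, RHEL_HOST)
        path = f"via {r.gateway}" if r.gateway else "on-link"
        print(f"{name:12s} -> dev {r.dev}, {path}, crosses router: {crosses_router(table, RHEL_HOST)}")
```

Only the first table sends the transfer through a gateway; in the other two the CentOS machine reaches the RHEL host directly, so only the host's own local firewall stands between them.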