What can cause two network interfaces on the same machine to flip flop their IP addresses?

We have a Linux (debian) server that has two NICs that are connected to the same switch. (We used to have a switch dedicated for traffic between our servers but when most of our servers moved to a colo facility that switch moved as well.) These NICs have different static IP addresses but about once a month arpwatch will send out a pair of flip flop messages as one of the IPs bounces from one interface to the other and back. What could be causing this?

This might be related to Linux ARP behavior with multiple NICs on the same network and has been discussed in this Server Fault question. Basically you need to set some sysctl parameters:

net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2

These will cause ARP replies to only go out on the network interface that actually owns the IP address being requested in the ARP request.

As mentioned in the above-referenced question this is because by default in Linux the host owns an IP, and not a particular interface, so the replies will go out on whatever interface it chooses. This can cause problems when you have multiple interfaces on the same network and is exactly what the above sysctl parameters modify.

reference: http://serverfault.com/questions/58146/what-can-cause-two-network-interfaces-on-the-same-machine-to-flip-flop-their-ip

發表迴響

在下方填入你的資料或按右方圖示以社群網站登入:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / 變更 )

Twitter picture

You are commenting using your Twitter account. Log Out / 變更 )

Facebook照片

You are commenting using your Facebook account. Log Out / 變更 )

Google+ photo

You are commenting using your Google+ account. Log Out / 變更 )

連結到 %s