Topic
  • 6 replies
  • Latest Post - ‏2013-04-19T22:13:58Z by alanholc
bruneves
bruneves
44 Posts

Pinned topic Two ethernet interfaces on the same device to use the same IP address

‏2013-04-04T14:53:53Z |
Our objective is to achieve physical redundancy at all levels in the network. We would like to implement a configuration where two ethernet interfaces on the same device use the same IP address.

We found on the forum threads that were posted by Corey Scobie to suggest that this was possible in 2007 (https://www.ibm.com/developerworks/forums/thread.jspa?messageID=14021678) and then not possible in 2010 (http://www.ibm.com/developerworks/forums/thread.jspa?threadID=329237). We also heard from someone else more recently that this was done on firmware 4.0.x, but was not an intended feature and therefore not necessarily supported.

We are in the process of testing this at my client site, but our concern is that if this is not a supported feature, that we may find ourselves in trouble later.

Need help in determining if this is supported or not and if we should go this way.

Our initial thought was to achieve redundancy at the F5 assuming that if one of the ethernet ports becomes unavailable, the outbound request from DataPower would be automatically routed through the available ethernet interface. However we are not certain if this will be automatic or if the outbound requests would start failing at this point?

Suggestions on how you have achieved physical network redundancy?
Updated on 2013-04-06T15:19:57Z at 2013-04-06T15:19:57Z by HermannSW
  • swlinn
    swlinn
    1395 Posts

    Re: Two ethernet interfaces on the same device to use the same IP address

    ‏2013-04-05T14:30:38Z  
    I don't believe this is supported either. I've seen redundancy achieved with two ethernet interfaces configured on the same subnet but physically connected to different switches, and the service has front side handlers for each ethernet interface IP so if one goes down the service continues to process traffic. A load balancer would spray traffic across the two interfaces.

    Regards,
    Steve
  • HermannSW
    HermannSW
    6134 Posts

    Re: Two ethernet interfaces on the same device to use the same IP address

    ‏2013-04-06T15:19:57Z  
    • swlinn
    • ‏2013-04-05T14:30:38Z
    I don't believe this is supported either. I've seen redundancy achieved with two ethernet interfaces configured on the same subnet but physically connected to different switches, and the service has front side handlers for each ethernet interface IP so if one goes down the service continues to process traffic. A load balancer would spray traffic across the two interfaces.

    Regards,
    Steve
    I think this is supported at least with the special IP address "0" (or "0.0.0.0").

    Having a service listening on "0" just tells that input from any interface is allowed.

    I just found two boxes with direct ethernet connection in addition to normal network connection.
    After defining "tcpproxy 21 0 21 192.168.1.65 22" on 1st box I was able to ssh into 2nd box
    directly via 2nd box network interface, as well as through tcpproxy listening on port 21 of 1st box
    (by "ssh beast -p 21").

     
    Hermann<myXsltBlog/> <myXsltTweets/> <myCE/>
  • bruneves
    bruneves
    44 Posts

    Re: Two ethernet interfaces on the same device to use the same IP address

    ‏2013-04-16T19:34:19Z  

    Thanks, Steve and Hermann... We opened a PMR with IBM and they confirmed it is not a supported configuration.

    "The DataPower appliance does Not support standby control for two ethernet interface on the same appliance. It only supports one ethernet interface per standby group on an appliance."

    Thanks!

  • alanholc
    alanholc
    59 Posts

    Re: Two ethernet interfaces on the same device to use the same IP address

    ‏2013-04-19T20:04:20Z  
    • bruneves
    • ‏2013-04-16T19:34:19Z

    Thanks, Steve and Hermann... We opened a PMR with IBM and they confirmed it is not a supported configuration.

    "The DataPower appliance does Not support standby control for two ethernet interface on the same appliance. It only supports one ethernet interface per standby group on an appliance."

    Thanks!

    We ran into the same problem on the XB62. We instead just used a DNS resolution solution by using 2 NICs with different addresses and having DNS resolve the alias to both.

    Clients will attempt connection to one address and if it fails will attempt the next address.

    It works on our private network well as I can physically unplug a NIC and traffic will immediately switch to the other NIC.

    Your mileage may vary, however...

    Hope it helps...

  • bruneves
    bruneves
    44 Posts

    Re: Two ethernet interfaces on the same device to use the same IP address

    ‏2013-04-19T22:00:39Z  
    • alanholc
    • ‏2013-04-19T20:04:20Z

    We ran into the same problem on the XB62. We instead just used a DNS resolution solution by using 2 NICs with different addresses and having DNS resolve the alias to both.

    Clients will attempt connection to one address and if it fails will attempt the next address.

    It works on our private network well as I can physically unplug a NIC and traffic will immediately switch to the other NIC.

    Your mileage may vary, however...

    Hope it helps...

    Hey Alan, thanks for sharing your experience!

    My understanding is that your solution is very similar to the one Steve Linn mentioned above, however, instead of using the load balancer, you guys used the DNS server to do the same trick, is that correct?

    Also, I am supposing that you had to configure two FSHs in order to make the DataPower service listen to two different IP addresses, right? (You may have configured a single FSH using 0.0.0.0 as well if you do not have any other cable connected to the appliance...)

    Thanks!

  • alanholc
    alanholc
    59 Posts

    Re: Two ethernet interfaces on the same device to use the same IP address

    ‏2013-04-19T22:13:58Z  
    • bruneves
    • ‏2013-04-19T22:00:39Z

    Hey Alan, thanks for sharing your experience!

    My understanding is that your solution is very similar to the one Steve Linn mentioned above, however, instead of using the load balancer, you guys used the DNS server to do the same trick, is that correct?

    Also, I am supposing that you had to configure two FSHs in order to make the DataPower service listen to two different IP addresses, right? (You may have configured a single FSH using 0.0.0.0 as well if you do not have any other cable connected to the appliance...)

    Thanks!

    Yeah, you got the idea.

    For every listener we have 2 FSHs... FSH_Primary & FSH_Secondary, basically.

    I don't have anything using 0.0.0.0, however...