3

I want send out data from one NIC and received by another NIC on a CENTOS6.4( X86 frame ,3 NIC, one is onboard realtek's, the other two is intel NICs ).

First,I configured intel nic ip: (eth0) 192.168.1.1/24 and (eth1) 192.168.1.2/24 on two intel NICs.

Second, I add route by following cmds:

# route add -host 192.168.1.1 dev eth1 # route add -host 192.168.1.2 dev eth0

Third, I enabled accept_local in /etc/sysctl.conf:

net.ipv4.conf.eth0.accept_local = 1 net.ipv4.conf.eth1.accept_local = 1

And I also disabled iptables and SElinux. I reboot the system, then use a wire connect eth0 and eth1, then I test like this: 

#ping 192.168.1.1 -I eth1

Message returned:

"From 192.168.1.2 icmp_seq=xx Destination Host Unreachable"

Has I missed something?

I have read this topic How can configure linux routing to send packets out one interface, over a bridge and into another interface on the same box already.

Improve this question
3
  • dmesg | grep eth tells you that both eth's link layer is up? Commented Mar 11, 2013 at 12:58
  • Yes , both eth0 and eth1 is up as posted below. e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX e1000: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX . Commented Mar 12, 2013 at 2:09
  • Is there other ways to accomplish such feature? Commented Mar 12, 2013 at 9:17

1 Answer 1

Reset to default
4

try set sysctl -w net.ipv4.conf.all.rp_filter=2

Refer https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt

accept_local - BOOLEAN Accept packets with local source addresses. In combination with suitable routing, this can be used to direct packets between two local interfaces over the wire and have them accepted properly. rp_filter must be set to a non-zero value in order for accept_local to have an effect. rp_filter - INTEGER 0 - No source validation. 1 - Strict mode as defined in RFC3704 Strict Reverse Path Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded. 2 - Loose mode as defined in RFC3704 Loose Reverse Path Each incoming packet's source address is also tested against the FIB and if the source address is not reachable via any interface the packet check will fail. Current recommended practice in RFC3704 is to enable strict mode to prevent IP spoofing from DDos attacks. If using asymmetric routing or other complicated routing, then loose mode is recommended. The max value from conf/{all,interface}/rp_filter is used when doing source validation on the {interface}. Default value is 0. Note that some distributions enable it in startup scripts.
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.