On Thu, Oct 1, 2009 at 2:02 PM, Timo Schoeler <timo.schoeler@riscworks.net> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi list,
I have a weird (?) problem here on a setup running CentOS 5.3 x86_64
(and OpenVZ, and some home-brew L2TP daemons, RIPd, BGPd, etc).
There's a (VE in OpenVZ speak) virtual machine that has two ethernet
interfaces, seen as eth0 and eth1, respectively. Those live in VLANs,
but it's not important here.
The thing is that on eth1 the default route lives, while on eth0 all
traffic comes in.
So, sending a ping to the IP address of eth0 tcpdump shows that the echo
request (type 8) packet arrives on the machine. However, the machine
does _not_ send an echo reply (type 0) back to the machine that pings
eth0, maybe because it would have to emerge from eth1.
One exception (an obvious one) is that IPs on the /29 where eth0 lives
on _can_ ping eth0 and receive an answer -- this is because the packets
don't have to take 'the default route', which lives on the other
interface, eth1.
This seems to me like decent behaviour.
However, I really need eth0 to be able to be pinged from the outside
world, it's totally okay for me that eth1 would 'answer' and send the
echo replies instead of eth0.
Is there anything I can tweak (via sysctl or whatever)?