[CentOS] Multiple IP Address

[Ross S. W. Walker]

Brett Serkez wrote:
> 
> > > > I have only assumed it is the address that matches it's
> > > host name, which
> > > > is why I always configure that in the /etc/hosts file.
> > >
> > > Right, one would think so, but this doesn't seem to effect
> > > this behavior either.
> > >
> > > Shutting down and start up OpenVPN immediately effects 
> the behavior,
> > > indicating this behavior is dynamic.   I've been 
> searching for a way
> > > to effect this behavior, perhaps in a configuration file
> > > (/etc/sysconfig... or /proc/...) with no luck so far.
> >
> > I should have asked this, but what do you mean by the default IP on
> > a multi-homed host?
> 
> It is not multi-homed, as described in my initial post.  It has only
> one ethernet card with a single IP address.  The problem comes in when
> running OpenVPN which adds two virtual adapters, each with a unique IP
> address (i.e., 10.55.5.x and 10.55.6.x).

Ok, I see the setup now.

> When OpenVPN is stopped, all works fine, it is only with OpenVPN
> running that the server starts using one of the IPs from the last
> virtual adapter as its IP address, in some cases.

You mean it routes traffic over the OpenVPN interface that you do not
believe should go over that interface. What traffic is going over the
interface that shouldn't?

> > I am unsure whether there is a default IP at all and the 
> routing table
> > decides which interface depending on the source and destination IP
> > addresses used on the host.
> 
> OpenVPN does modify the routing table, but only for the specific
> subnet routing, ie. 10.55.5.0/24 and 10.55.6.0/24.

Do you have any dynamic routing protocol running like RIP or OSPF?

Can you post a 'netstat -r' when the VPN is up?

> The problem is that when a Windows desktop is OpenVPN connected to
> another CentOS system on the same local network as the subject server
> on an unrelated subnet ( i.e. 10.55.3.0/24) it is given the subject
> server's 10.55.6.x address vs. the ethernet 10.44.0.x address, which
> would work perfectly.

So your setting up VPNs within the LAN? Maybe you can give a little
more background at what your trying to accomplish so everybody can
get a better picture of what's going on.

> So from a Windows workstation on the local subnet, if I ping
> CentOServer I get 10.44.0.x, which is what I want.  If I am on the
> Windows desktop VPN connected to the other CentOS server on subnet
> 10.55.3.0/24 and I ping CentOSServer I get 10.55.6.x vs the 10.44.0.x
> I would have expected.  There should be no relationship between the
> originating Workstation's IP and the IP it is given for CentOServer,
> but there is, I am trying to understand why if there is a way to
> change this behavior.
> 
> Is this any clearer?

I would look at those routes again to make sure the OpenVPN software
doesn't perform route summarization and put in a route for the
whole 10.0.0.0/8 subnet on one of those interfaces.

-Ross

______________________________________________________________________
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.