Added a second network interface, not able to PING it

I installed FreePBX on a VMWare platform and have it set up with two virtual NIC’s. I configured both of the interfaces from the GUI in FreePBX, both in the same network, but am unable to PING into or out of the second interface. I’m at a loss as to why.

Can we assume you set up the virtual NIC’s on different Ethernet segments?

Why would you want to configure two interfaces to the same IP network? If you have a reason to do that you should probably set up an ethernet bridge between them as routing between will be to say the least “confusing”. Please understand the difference between layer 3 (IP) routing and layer 2 (ethernet) switching.

I did setup two virtual NIC’s in VMWare. The reason for this is we are creating SIP bindings directly to a Metaswitch, and the Meta only allows for one SIP binding per IP address.

There should be no routing involved, they are both on the same subnet. VMWare is set to bridge its physical interface to the virtual interfaces. Is there something I’m missing?

You can easily add another ip address to an ethernet interface with (season to taste):-

ip addr add dev ethn

but that is basic networking and probably not available through any simple GUI.

My guess is you have a spanning tree problem, refer to VMWasre docs for that. to diagnose, tcpdump on your various interfaces perhaps?

You can’t have two physical interfaces in the same LAN. You must add secondary IP’s per Dicko’s method.

You can’t have two physical interfaces in the same LAN. You must add secondary IP’s per Dicko’s method.

(strictly you can do that if the ethernet interfaces are “bonded”, but as I alluded previously the bonding and/or bridging needs to be done at the VMWare level and although both are layer two they are not the same thing, otherwise any competent switch will partition the traffic that “doesn’t make sense” and wait for your span-tree setup to allow it through or not, so it is just easier to add another address on your layer three fabric and it will do as you want without you needing to understand, if you do want to understand, then honestly it’s all out there in google land and I encourage you to see why your deployment needs tweeking)

Also the bonding takes place below the MAC level. The bonded interface have single PHY (and MAC address) and appear as single interface to the Layer 3 driver.

I guess my point is the ether-channel or any of the collective 802.3ad technologies are immune from spanning tree issues by nature of where the fit in the OSI model.

This discussion is more pedagogical for the lurkers than for the OP that doesn’t seem to understand that communications occurs below layer 2.

This is also useful security information because everyone focuses on IP security but frequently forwards all layer 2 packets assuming they are link control layer. IPX can do much more than that. Nascent sysadmin’s beware!

I can but agree with (almost) all that, thanks Scott for elucidating/confusing all :wink:

LOL, I really have to question my intents and motives. Pure I am sure, simply to share from the crevices of my cranium.

Last time I used IPX was for 10 machines using mas90 over 10-base-5, they still got audited :slight_smile:

10Base5 the day men were men and networks ran on RG8 with vampire taps and AUI adapters.

My business partner came into my office today and reminded me hat I said 10 years ago before my 40th birthday. I said "in 10 years I will have outlived my usefulness) Well I am not quite there but I think a tipping point is when the irrelevant knowledge exceeds the relevant. Last time I looked at the work orders we don’t get a lot of calls to work on thicknet.

The good news is that properly setup VoIP would run on a 64k DDS circuit. There are more 0’s in the bandwidth but fundamentally Ethernet has not changed much in 20 years.

There is not two physical interfaces. There is one physical interface, and two virtual NIC’s created in VMWare.

Consider virtual NIC’s as physical interfaces, each will have it’s own different MAC address.

Hey Luke - Didn’t notice it was you. Weren’t we working on a project? If it’s the same guy I pulled that other firewall for you yesterday, it only took an extra month. We will get it out for you on Monday. It’s in better shape than the first one.

If I got the wrong guy just consider it the ramblings of a senile old man and I will check on Monday to see who this firewall belongs to.