6

I have a Linux box with two different NICs that are connected to two different networks, but they share the same IP range (10.0.0.x). My first idea was to use virtualization for that (i.e., Xen), but it seems to me overkill since I want to use the same programs without conflicts due to routing.

I was wondering if there is a way to confine a NIC to something like a shell session, so all programs launched from there use only that NIC, like launching a bash session that only sees eth1 but not eth0.

edit: I guess I'm looking for something similar to FreeBSD jails but for Linux

Carlos
  • 61

4 Answers

1

As stated by lkraav, this is a job for network namespaces.

Let's call the interfaces to which your two NICs are connected eth-a and eth-b.

# Create the network namespaces
ip netns add net-a
ip netns add net-b

# Assign the interfaces to the network namespaces
# (this must happen first: ip netns exec only sees interfaces already inside the namespace)
ip link set eth-a netns net-a
ip link set eth-b netns net-b

# Take interfaces up
ip netns exec net-a ip link set eth-a up
ip netns exec net-b ip link set eth-b up

# Assign an address and network to the interfaces
# Assume IP is 10.0.0.1 for eth-a and 10.0.0.2 for eth-b
# The two can be set equal, if you want them to
ip netns exec net-a ip address add 10.0.0.1/8 dev eth-a
ip netns exec net-b ip address add 10.0.0.2/8 dev eth-b

# Packets to 10.0.0.3 going through eth-a, with a source of 10.0.0.1
ip netns exec net-a ping 10.0.0.3
# Or through eth-b, with a source of 10.0.0.2
ip netns exec net-b ping 10.0.0.3

If you prefer to have an interface that is the default exit one for programs not run inside a network namespace, just leave it assigned to the network namespace and do not prefix any command concerning it with ip netns exec net-*

Ekleog
  • 135
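The steps from the answer above collected into one script, as an added example that is not part of the original answer. The script name `confine.sh`, the `DRY_RUN` switch and the helper function names are assumptions made for this example; by default it only prints the commands it would run.

```shell
#!/bin/sh
# Added example: confine one NIC to a network namespace and open a shell there.
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 runs them (needs root).
DRY_RUN="${DRY_RUN:-1}"

# Linux interface names are at most 15 bytes; this example applies the same
# conservative character set to namespace names (an assumption made here).
valid_name() {
    case "$1" in
        ''|[.-]*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# confine_nic NAMESPACE DEVICE ADDRESS/PREFIX
confine_nic() {
    ns=$1 dev=$2 cidr=$3
    valid_name "$ns" && valid_name "$dev" || { echo "bad name" >&2; return 2; }
    run ip netns add "$ns" || return 1
    # Move the NIC first: it must be inside the namespace before any
    # "ip netns exec" command can see it.
    run ip link set "$dev" netns "$ns" || return 1
    run ip netns exec "$ns" ip link set lo up || return 1
    run ip netns exec "$ns" ip link set "$dev" up || return 1
    run ip netns exec "$ns" ip address add "$cidr" dev "$dev" || return 1
}

# Usage: DRY_RUN=0 ./confine.sh net-b eth-b 10.0.0.2/8
if [ "$#" -eq 3 ]; then
    confine_nic "$1" "$2" "$3" || exit $?
    # Every program started from this shell sees only lo and the moved NIC.
    run ip netns exec "$1" "${SHELL:-/bin/sh}"
fi
```

Inside the resulting shell, `ip link show` should list only `lo` and the moved interface, which is a quick check that the confinement took effect.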
1

If both the network address and subnet masks for the two separate networks are identical, your network is misconfigured in a way that defeats the basic intent of IP-routing.

I would renumber one of the networks.

1

Hmm, it seems I'm not describing my problem well.

- @Darth Android At best, 'misconfigured' is an unfortunate word to describe the situation: you're correct that this scenario generates a conflict in the routing table, but I'm trying to find a solution for that by having two routes isolated from each other. The other solution would be using a proxy NAT, but it seems to me much more complicated than just running Linux virtualized inside a VM, like Xen.

- @RedGrittyBrick I'm not trying to bridge two separate networks, I'm trying to access two separate networks that use the same IP block.

I found two jail equivalents for Linux that do network isolation; it seems they'll do the trick:

Carlos
  • 11
1

Your question sounds like it's a job for network namespaces (url is related, not official). Using this technology appears to be relatively new as of this writing and I'm finding it quite difficult to find concise HOWTOs that would also explain what's actually happening with each command. Googling "ip netns" (with and without quotes) would probably be the best way to get started putting the pieces together.

lkraav
  • 1,289