redundant NICs

Nicholas Leippe nick at
Thu Aug 18 11:30:17 MDT 2005

On Thursday 21 July 2005 10:07 am, Steve Jibson wrote:
> We have a few servers with "bonded" NICs and they seem to be working
> quite well.  We have a couple of Linux firewall boxes with 5 Ethernet
> ports.  They have two 2-port GB NICs and a single on-board NIC.  The
> system provides a link between three subnets (the third subnet is not
> really that important so it has no redundancy).  The basic setup is this:
> NIC1 - Port 1 --> eth0
> NIC1 - Port 2 --> eth1
> NIC2 - Port 1 --> eth2
> NIC2 - Port 2 --> eth3
> NIC3 (on board)--> eth4
> eth0 and eth2 are bonded to make bond0
> eth1 and eth3 are bonded to make bond1
> eth4 is not bonded so it's just eth4
> eth0 and eth2 are plugged into separate switches on subnet A
> eth1 and eth3 are plugged into separate switches on subnet B
> eth4 is plugged in to subnet C

I'm planning something similar, and am gathering ideas.

Each of your two subnets has two switches, right (4 total)?
How do you handle routing since there are two subnets?
Your bond0 is on the 192.168.0/8 network, so I assume you have
a gateway at or something.
Do you just add another gateway for the other subnet?
How does it react when one subnet goes down entirely?

What's on the private side of one of the firewalls?

What's on the public side of each firewall?

> On a side note:  (just in case this isn't already enough of a headache)
> we have two identical firewall boxes, both with 5 Ethernet ports as
> described above, running heartbeat ( with one of the
> boxes acting as a hot-standby for the other.


