I’m running Linux Mint on a home server that happens to run pihole. Since it’s both a dhcp and dns server for my network, it has a static ip address. It has an ethernet connection as well as wifi and it’s always been my understanding that you can’t have two network interfaces sharing the same IP address, so I’ve been looking into ways to have one network adapter enabled and the other disabled and then if the network connection of the active device is lost, the other re-enables with the same IP address and disables the other device. This mostly work.
However while debugging one bit of software that seems to have a problem with me disabling my wifi adapter, I inadvertently enabled both the eth and wifi connections while each have the same, manually assigned ip address and everything so far just seems to work. I didn’t think this was possible and I’m wondering, should I expect problems? I can connect to the machine remotely fine, pihole and dvr services installed on the box work. Is there any reason to believe this won’t work?
What you seem to want is an active-backup bond, I have all my homelab servers with it so they can fail over when the core switch goes down for maintenance.
Proxmox provided an easy UI to setup but it can be done with any Linux distro.
Thank you for the link… I didn’t know that was a thing. In the mean time though I can’t find a problem with what I’ve got… 2 connections with the same IP.
Was thinking of this with keepalived creating a vrrp.
Yes
https://wiki.archlinux.org/title/Wireless_bonding
EDIT: oh wait, you configured them both with the same static ip address. Can you use a tool like
iftopto check that both interfaces are actually being used? You can also usetcpdump -i interfacenameor similar tools.It’s very possible that this setup doesn’t break, but isn’t true bonding, where both connections can be used at once for more bandwidth. Although, maybe this is an easy, reliable way to get a failover type system, where when the ethernet is disconnected it automatically uses the wifi. Or maybe it’s been using only the wifi this whole time.
Thanks for the reply. They seem to both be active. I don’t have iftop but tcpdump shows traffic on both, though much less on the wifi connection.
ip route shows:
default via 192.168.1.1 dev enp1s0 proto dhcp metric 100 default via 192.168.1.1 dev wlp2s0 proto dhcp metric 600 169.254.0.0/16 dev enp1s0 scope link metric 1000 192.168.1.0/24 dev enp1s0 proto kernel scope link src 192.168.1.4 metric 100 192.168.1.0/24 dev wlp2s0 proto kernel scope link src 192.168.1.4 metric 600I really didn’t think I’d be allowed to statically assign the same IP address to both interfaces, and surprisingly it seems to be working ok. I’m just wondering what I don’t know that’s going to bite me :)
The “metric 600” on your Wi-Fi adapter indicates to the system that it is a higher cost route than your Ethernet one. So the IP stack will prefer sending packets out via the Ethernet port.
Local devices who haven’t heard from you lately will send to whatever device gives them a response to their ARP (“who has IP address X?”) request first, and seeing as Ethernet is lower latency than WiFi, they will mostly use your Ethernet adapter as their target when sending data to you.
Devices that have received data from you already will have the MAC address of your Ethernet adapter in their ARP table, so they’ll just send packets to that without bothering to issue an ARP request.
Devices off your subnet talk to your router, so they don’t care about your MAC address, they’ll just use IP to talk to your router, who will then do the ARP request and hand the packets on to your computer via whatever interface answers first.
Thanks for the detailed explanation. Has this always been possible though? Was I just imagining that manually assigning to network adapters the same ip address wasn’t possible?
It’s often not possible on other operating systems. Especially the consumer versions of a certain operating system starting with “W”, that system will refuse to have duplicate IPs.
But essentially it’s always been possible (but, probably not preferred these days) to have redundant routes/paths on Unix systems. The way you have it now is more of a side effect of being able to do more complex network setups, like using different interfaces to talk to different subnets, or using a slow link as a backup to a fast link.
With your current setup you should get a slow failover ability, for example if you ping some other device and then unplug your Ethernet cable, you’ll have a bit of a pause in replies and then they will start again as the stack switches to the other link.
It’s perfectly possible on Linux to have several network adapters with the same IP address, or several default routes.
Most server applications will listen to 0.0.0.0 address, which means all network interfaces. Any incoming TCP connection will remember it’s network interface, and the server will send responses to the same interface.
This will not work for UDP connections, and for outgoing TCP connections - they will always choose the network interface with the lowest metric, which you can print with
ip rcommand.This does not include advanced techniques like bridge or bonding or iptables routing - you need to run special commands in the terminal, which you cannot do just by clicking your mouse in system settings app.
Is it possible to configure interfaces this way? Yes.
Will it work? No, not without bonding, and not with WiFi as one of the interfaces.
What won’t work, because at the moment everything seems to be working fine and I’m pleasantly surprised.
Oh, you are failing one over if the other fails? That’s not the same thing as configuring two interfaces with the same IP, gateway, at the same time, which is what I thought you were trying to do.
I’ve done this for years with no failover. Linux doesn’t care, zero issues.
That’s because only one interface is really being used. A TCP session will reset if the hop count or metric changes all the time, the SYN/ACK wouldn’t work.
Thanks for sharing your experience… so it really does work! I mean it certainly seems to be working fine and I keep thinking I’m overlooking something. I feel like I’m in a love triangle with 2 girls fully aware of the other and they’re fine with it… this feels like a disaster but everyone seems to be happy!
Yeah - I mean it’s technically “not ideal” but I simply don’t have any issues. I did have a windows computer that once complained about there being two devices on the network with the same IP but it didn’t stop it from working with it. I think that was some security software installed on that system though. This is the “less than ideal” part - it will look a bit suspicious if you have any security software that scans network traffic because “arp poisoning” is a common attack (basically stealing an IP address).
I simply wanted a fail-over but in the process got 2 interfaces with the same IP and I can’t find a problem with it 😄
Will UDP packets produce an error when sent or will they simply be received twice, potentially causing errors/issues?
Nope. The server receives UDP packet from WiFi and sends reply over Ethernet, which simply gets lost in your router. From the Linux side there’s no error, it sent the packet somewhere, and what happens next is your router’s problem.
That’s the thing about UDP packets… receipt isn’t acknowledged as part of the protocol. It’s send and forget. I’m not sure a UDP packet sent to my server would get lost but I’m not 100% certain there couldn’t be situations where the packet is received by the server on both interfaces, essentially duplicated. It’s been almost 30 years since I wrote programs that utilized UDP for communicating. I’m definitely a little rusty. 😄
Unless its rudp.
I don’t know how it’s working for you because I just tried on my PC and got an IP address conflict on my router.
You will need to make sure the IP you assign the adapter isn’t an IP the router will try to assign to another machine or device. The dhcp services don’t assign this IP address and it’s manually assigned in the adapter config so I guess the router doesn’t know or care.
I am kind of curious how traffic destined for this address doesn’t have issues though, like being received twice. Maybe I haven’t tested enough from a mix of devices on the network.
I’m at a loss as to how this would work consistently. If 2 interfaces share an IP without bonding, then only 1 would answer the ARP request from anothet host trying to establish a connection. If your system allows same static on 2 devices on same land, then other hosts talk to whoever establishes a session or answers the ARP request.
I’m curious why you would want this at all?
In terms of why, all I really want is for the machine to have the same, consistent ip address. Since it’s one of my networks dns and dhcp servers, I want it always available with the same ip. It’s hard-wired but has wifi, so in theory if the eth connection or switch it’s attached to dies, the wifi connection can kick in and it can still serve the network if it still has the same ip address, otherwise the wifi connection is no benefit.
Since I didn’t know I could assign both connections the same ip address and still be functional, I originally setup a script that monitors network status and disables the wifi if eth is active and then re-enables the wifi if the eth connection drops. This works well on my two servers with one exception… my dvr scheduling/recording services don’t work properly when the wifi adapter is disabled. Not sure why but that’s how I stumbled on this setup with both active with the same ip and realized everything just seemed to work.¯\_(ツ)_/¯
There is no DHCP, it’s all static addresses, but there is an ARP table maintained at the router, and modern routers protect against ARP poisoning, meaning the same IP cannot have two mac addresses, and they will churn out errors. It’s also a security nightmare because many low level packet tracing tools will not work or give out false positives. I still don’t know how it’s working for you, because by all accounts, it shouldn’t.
Metric seems to cause Linux to mostly arp reply on one interface. Not a lot of switching. I can even plug in an Ethernet cable during a network transfer to speed it up.
Linux treats ips as assigned to the host,so any interface can respond for packets sent to another interface (even if they have different ip addresses).
There is some network weirdness that a security scanner might complain about, but it “works”.
