The easiest solution (if possible):
1. Don't have all these subnets routable to and from each other; isolate them. Best practices recommend that they do not route. 2. If you need bandwidth across separate physical NICs, put them into a large multimode VIF and then use VLAN tagging to separate the subnets.
The issue at hand is called "assymmetric routing" (Google it). I actually didn't realize there was a name for it until a couple years ago ;-) When you Google it, the write-ups are pretty interesting readings. It has its place, but I don't think this is not one of them.
Good luck.
Stetson Webster Professional Services Consultant Virtualization and Consolidation NCIE-SAN, NCIE-B&R, SCSN-E, VCP
NetApp 919.250.0052 Direct Phone stetson@netapp.com Learn more: http://www.imaginevirtuallyanything.com
-----Original Message----- From: tmac [mailto:tmacmd@gmail.com] Sent: Thursday, April 01, 2010 8:28 AM To: Romeo Theriault Cc: Holland, William L; Funke, Stefan; toasters@mathworks.com Subject: Re: routing issue with 2 vifs on same subnet?
I suspect if:
you turn ip.fastpath (back) on and you clear the default route, you may likely be OK.
The filer should only need the default route for its' own services like sending autosupport and if the mail server is on the same subnet, then the default route is really not needed.
When clients come in to a particular interface, ip.fastpath should allow the request to go back out the same way they came in.
might be worth a try to see if that in fact does it. --tmac Tim McCarthy Principal Consultant
RedHat Certified Engineer 804006984323821 (RHEL4) 805007643429572 (RHEL5)
On Thu, Apr 1, 2010 at 8:11 AM, Romeo Theriault romeotheriault@gmail.com wrote:
On Thu, Apr 1, 2010 at 8:22 PM, tmac tmacmd@gmail.com wrote:
just for kicks, have your tried:
route -f
on your filer? if sa default route is set up, it may be the culprit. you may not need the default route on the filer if all you services are on the same subnet.
Nope, haven't tried this. Since we have some clients that connect to
the
filers from other subnets I'm not sure that this would be a good idea
for
us.
-- Romeo Theriault