I'm trying to add a second network interface to Ubuntu 18.04 instance on Amazon EC2. I followed this guide from Amazon on how to do it, and added a /etc/netplan/51-eth1.yaml file with the following content:
network:
version: 2
renderer: networkd
ethernets:
eth1:
addresses:
- 172.31.10.13/20
dhcp4: no
routes:
- to: 0.0.0.0
via: 172.31.0.1
scope: link
table: 1001
routing-policy:
- from: 172.31.10.13
table: 1001
So my routing table now looks like this:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.31.0.1 0.0.0.0 UG 100 0 0 eth0
172.31.0.0 0.0.0.0 255.255.240.0 U 0 0 0 eth1
172.31.0.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0
172.31.0.1 0.0.0.0 255.255.255.255 UH 100 0 0 eth0
However, pinging an address on the same subnet using ping -I works only from the eth1 interface. I do see the replies arriving correctly on eth0, but it looks like the OS ignores them for some reason.
Running a ping on eth0 together with tcpdump on the same interface I get the following output:
PING 172.31.5.193 (172.31.5.193) from 172.31.10.197 eth0: 56(84) bytes of data.
06:00:15.186249 02:bb:3e:8f:3f:1c > 02:29:0b:80:74:b4, ethertype IPv4 (0x0800), length 98: 172.31.10.197 > 172.31.5.193: ICMP echo request, id 3538, seq 1, length 64
06:00:15.186635 02:29:0b:80:74:b4 > 02:bb:3e:8f:3f:1c, ethertype IPv4 (0x0800), length 98: 172.31.5.193 > 172.31.10.197: ICMP echo reply, id 3538, seq 1, length 64
06:00:16.201069 02:bb:3e:8f:3f:1c > 02:29:0b:80:74:b4, ethertype IPv4 (0x0800), length 98: 172.31.10.197 > 172.31.5.193: ICMP echo request, id 3538, seq 2, length 64
06:00:16.201513 02:29:0b:80:74:b4 > 02:bb:3e:8f:3f:1c, ethertype IPv4 (0x0800), length 98: 172.31.5.193 > 172.31.10.197: ICMP echo reply, id 3538, seq 2, length 64
^C
--- 172.31.5.193 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1030ms
So all addresses are correct, but the packets are still regarded as lost. The same thing happens with TCP connections on the interface – the SYN-ACK arrives but ignored. I have verified that iptables rules are accept by default, and no other rules exist. Any idea what's wrong here?
Best Answer
May I ask why do you need 2 NICs on the same subnet? That’s hardly ever needed.
If you simply need 2 Private IPs or 2 Elastic IPs you can assign the secondary one on the existing interface: Secondary Private IP Address
Hope that helps :)