Handling Multiple Interfaces on Client System?

johnpoz

For the life of me why would you have both wifi and ethernet on at the same time in the first place? Normally you would setup the box to disable wifi when ethernet connected..

That is how my laptop works.

I have to on purpose enable the wifi after connecting ethernet if want to do something odd. Also you should hand your display its own name vs a reservation. Why in the world world would say ssh be listening on your display ;)

From dns point of view you would need to use different name for different IP if you want to distinguish which one you connect to. If you have multiple IPs for the same record, then you would get them back round robin style or all of them depending. Normally you would have wifi and wired on different networks, using different domains - so for example on my network wired is local.lan, while one of the wifi networks is wlan.local.lan and there is dmz.local.lan and psk.local.lan, etc. So If want to talk to a devices wlan IP would use host.wlan.local.lan to resolve it.

JKnott

@johnpoz said in Handling Multiple Interfaces on Client System?:

For the life of me why would you have both wifi and ethernet on at the same time in the first place? Normally you would setup the box to disable wifi when ethernet connected..
That is how my laptop works.

WiFi connects automagically, when the computer is powered up. If I expect to be doing some serious file transfer, I will plug in the Ethernet cable. The WiFi is still up, resulting in both interfaces connected to the same network at the same time. As I mentioned, the metric will be used to determine which interface is used. There is no need to turn off the WiFi when Ethernet is connected. With Linux, the WiFi address is still reachable, when Ethernet is connected. So, I can ping, ssh or whatever to the WiFi host name and it just works fine.

Here's what the "ip route show" command shows:
default via 172.16.0.1 dev eth0 proto dhcp metric 100
default via 172.16.0.1 dev wlan0 proto dhcp metric 600
172.16.0.0/24 dev eth0 proto kernel scope link src 172.16.0.42 metric 100
172.16.0.0/24 dev wlan0 proto kernel scope link src 172.16.0.40 metric 600

WiFi has the metric 600 and Ethernet 100. This means that Ethernet is the preferred connection. If it wasn't connected, then WiFi would be used. This is basic routing, where routers pick the lowest cost (metric) when choosing a route.

The WiFi address is 172.16.0.40 and Ethernet 172.16.0.42.

I can ping either address.

The MAC for WiFi is 38:59:f9:e0:7d:5d and Ethernet f0f1:8c:dc:99. If I ping the WiFi address and watch with Wireshark, I can see the packets for the WiFi IP address 172.16.0.40 contain the Ethernet MAC address f0f1:8c:dc:99.

This means the problem described by the OP does not happen with Linux, and I expect macOS, but it does with Windows.

Now, perhaps instead of arguing about this, he could simply try it and let us know the results. That is connect via Ethernet, with WiFi up, and see if he can ping the WiFi ip address. If he can, his problem is solved.

BTW, I just noticed this site likes to insert a German flag in the Ethernet MAC address. I guess this is because the 2 hidden characters are "de".

JKnott

@johnpoz said in Handling Multiple Interfaces on Client System?:

That is how my laptop works.

Windows perhaps?

I have to on purpose enable the wifi after connecting ethernet if want to do something odd. Also you should hand your display its own name vs a reservation. Why in the world world would say ssh be listening on your display ;)
From dns point of view you would need to use different name for different IP if you want to distinguish which one you connect to. If you have multiple IPs for the same record, then you would get them back round robin style or all of them depending. Normally you would have wifi and wired on different networks, using different domains - so for example on my network wired is local.lan, while one of the wifi networks is wlan.local.lan and there is dmz.local.lan and psk.local.lan, etc. So If want to talk to a devices wlan IP would use host.wlan.local.lan to resolve it.

As I mentioned, the only relevant IP address/host name is the WiFi. Linux is able to figure things out. On the other hand on the same computer, running Windows 10, WiFi is disconnected when Ethernet is connected, which means a different IP address/host name has to be used.

Since the OP is running macOS, I expect it will behave the same as Linux. However, the way to find out is for him to try it. It's not hard to do and will take only a few seconds.

johnpoz

dude not sure why your having a hard time understanding his point..

Yeah client will USE the best interface per a metric for outbound connections. He point is he on on a different machine.. And wants to ssh to said box with multiple IPs.. And wants to connect to specific IP..

His box has 3 IPs... A B and C... he wants to create a connection to A via name.. How would linux magically handle this when dns hands back C or hands back All 3 of them??

JKnott

@johnpoz

Unless I'm mistaken, he has multiple interfaces on the same system, just like I have here. I thought he didn't want to use different host names/IPs when connecting. If that is correct, then what I described is exactly what he wants. As long as WiFi is up he does not have to worry about the Ethernet address or host name. I expect, with his computer, WiFi is always up and would have an IP address. BSD is likely able to handle that, just like Linux does. So, all he has to do is plug in Ethernet and then try pinging the WiFi address. If that works then his problem is solved. He can also use the ifconfig command, to see what the metric is for each interface. As long as WiFi has the highest metric, then this will work fine.

Again, this will not work with Windows.

JKnott

@johnpoz said in Handling Multiple Interfaces on Client System?:

How would linux magically handle this when dns hands back C or hands back All 3 of them??

I have attached 2 files, one of pings and the other for arp. Please note the MAC addresses. It's the same for both the WiFi and Ethernet IP addresses, which shows that the same interface, Ethernet, is being used for both. I'll have to try again later, after the MAC addresses have expired from the cache, to show what happens from the first arp broadcast. Regardless, at the moment, my desktop computer arp cache lists the same MAC for both Ethernet and WiFi IP addresses.

172.16.0.40 dev eth0 lladdr f0f1:8c:dc:99 STALE
172.16.0.42 dev eth0 lladdr f0f1:8c:dc:99 STALE

Substitute "de" for the German flags.

arp.pcapng ping.pcapng

JKnott

@JKnott said in Handling Multiple Interfaces on Client System?:

I'll have to try again later, after the MAC addresses have expired from the cache, to show what happens from the first arp broadcast.

Further on this by reflecting on how arp works. When there is no arp cache entry for an IP address, the device will send the arp request to the broadcast address. Then the device that has that IP address receives the request will reply. In the case I've been describing, where there are 2 interfaces, it will reply through the one with the lowest metric, even though the broadcast was heard on both interfaces. After this, the arp cache now has an entry for that IP through the interface that has that lowest metric. Further requests go to the same MAC, rather than broadcast. As a result, the WiFi address is listed as having the same MAC as Ethernet and so all traffic for it go through the Ethernet port.

mbelanger

Wow. I didn't anticipate my question would generate such a discussion. Thank you to those who chimed in and helped me better understand how Linux networking works in this specific instance.

@JKnott got my situation. At various times, I might connect via three different interfaces (Wi-Fi, Display Ethernet, Thunderbolt Ethernet dongle). WiFi is always on, but I'll connect to hardline when pulling down distribution ISOs or backing up my Blu-ray rips to b2. Using pfSense Static DHCP mappings has a field for hostname, in which I can put "lappy" for all three interfaces or "lappy-en0, -en2, -en3" as appropriate. The latter doesn't help solve my problem, but the former doesn't really work either, as DNS will return all three addresses regardless of whether they are up. Ultimately, this problem is beyond the scope pfSense to solve. Since I leave WiFi on most of the time, I opted to set that interface to "lappy" and the other two by appending their interface suffix.

One clarification about Mac networking, though. In typical Apple fashion, they don't use metric to determine interface to go through. Instead, one sets the preferred service order either via the GUI or the CL tool networksetup, which I suppose is simpler to grok than using metric. FYI.

JKnott

@mbelanger said in Handling Multiple Interfaces on Client System?:

One clarification about Mac networking, though. In typical Apple fashion, they don't use metric to determine interface to go through. Instead, one sets the preferred service order either via the GUI or the CL tool networksetup, which I suppose is simpler to grok than using metric. FYI.

That's curious, as Mac OS is based on a BSD, just like pfSense. The FreeBSD under pfSense does show a metric. However, since I don't have multiple connections to the same network, I can't check it.

So, if you connect via Ethernet and then ping the WiFi address it doesn't work? It certainly does with Linux, but not Windows.

mbelanger

@JKnott said in Handling Multiple Interfaces on Client System?:

So, if you connect via Ethernet and then ping the WiFi address it doesn't work? It certainly does with Linux, but not Windows.

They have different IP addresses assigned to them, so it depends which address you ping. I'll try changing the hostnames to match in pfSense later and report back.

That said, the DNS client story within macOS isn't that great, so it's difficult to troubleshoot. Apple-built tools and POSIX tools don't use the same DNS lookup mechanisms. As such, nslookup, dig, dscacheutil and scutil can return different results. Some third-parties, like Google, use their own implementations. A few OS revisions ago, Apple released a new solution for DNS lookups, but it was fraught with problems and they ultimately gave up and restored the older solution as the primary.

JKnott

@mbelanger said in Handling Multiple Interfaces on Client System?:

They have different IP addresses assigned to them, so it depends which address you ping.

Yes, I know they have different addresses assigned. That's the whole point of what I've been saying. On Linux, if I ping the WiFi address, when Ethernet is connected, I still get an reply, even though it goes through the Ethernet port. Have you tried what I asked, that is ping the WiFi address? Forget anything about host names at this point, we're focusing on addresses only. For example, on my notebook, WiFi is 172.16.0.40 and Ethernet is 172.16.0.42. When Ethernet is connected and WiFi is up, pinging 172.16.0.40 will get a reply. Have you tried that? You seem to keep going back to host names, when at this point they're irrelevant to the discussion.

mbelanger

@JKnott Not yet, but I'm traveling and won't be able to test until early next week. I will do so and respond upon my return.