Why is it improper network design to have two physical NICs, one machine, same subnet, same netmask, same gateway, two different IP addresses?

Solution 1:

When you have multiple interfaces with the same subnets on a given machine, you are going to have connectivity to the same network via multiple interfaces. The machine would not load-balance and would likely pick a single interface for sending traffic out, e.g. Juniper routers pick the interface with the least IP address:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB24928

Multiple interfaces can give you redundancy, but note that you can only have one default gateway, especially if this is a Windows server. I am not sure if other OSes will load-balance dual default-gateway routes.

Some redundant solutions include:

  • NIC-teaming.
  • Enable routing protocols like RIP or BGP on the server that can use all interfaces and learn the default-route dynamically.

Quad-port servers usually use 2 ports for the public/production network, 1 port for private/management purposes, and 1 port for data backup. Sometimes, some servers in clusters use 1 or 2 ports for heartbeats/keepalives.

Thanks.

Solution 2:

This all really depends on the design of your service or topology. While I've never heard anything like that as "law", I could see why it would be inefficient.

If you are going to have two interfaces communicating in the same network/subnet, you might as well just put them in an etherchannel and not waste the additional IP address.

As to why they sell 4 NICs (or any number more than 1) on a single server, that really depends on the application running on it, but I can think of a couple of reasons.

  1. Etherchanneling/NIC teaming: redundancy is always a good thing. Sometimes just 1 additional port is enough, but maybe in the case of 4 someone is designing an ultra-redundant service.
  2. Security: lots of people use multiple interfaces in different networks to create very secure bastion/jump/hop boxes.
  3. Software firewall/routing: there are a handful of examples of software packages or even operating systems that actually act as a router or a more network-centric security appliance. So multiple interfaces would be necessary for the device to participate in multiple physical LANs/WANs; again, this would specifically depend on design. (If you're curious about this, go check out "Vyatta".)
  4. And sometimes, that's just what it comes with. At a previous job we had some pretty heavy duty SQL databases that had 4 NICs, but we still only used one because we didn't need the others.

Those are the few I can think of.

Solution 3:

Unless you use source routing, all traffic from all the IP addresses on the same subnet will be sent using one of the physical ports.

Source routing configures the routing tables so that the egress port is selected based on the source address, and then the destination address is used to determine where to send the IP datagram from that port.

Solution 4:

You shouldn't have the same subnet on different NICs. What can and does happen with some operating systems and applications: you receive traffic on one NIC, say e1a. The application or OS then decides to reply. It does not check which interface it received the data on, only which network. It then sends data to that network. It will sometimes pick the correct interface, e1a, and sometimes it will send data on e1b, and the client application will never receive the reply because it is using e1a.
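The behaviour described in Solutions 3 and 4 can be made concrete with a small simulation of how a Linux-style host picks its egress interface. This is an added example, not code from any of the answers above. It models the kernel's routing decision in simplified form (longest-prefix match by destination, ties broken by metric and install order) and the "source routing" of Solution 3 as Linux policy routing (`ip rule ... from <src> table <n>`), with a per-NIC routing table. The interface names `e1a`/`e1b`, the addresses (taken from the TEST-NET-1 range 192.0.2.0/24), the gateway and the table numbers are all constructed for the example. The first setup shows a reply that arrived on `e1b` leaving via `e1a`; the second shows the per-source tables pinning the reply to the NIC that owns the source address.

```python
"""Egress-interface selection for a host with two NICs on one subnet.

Added example (not from the original answers). Constructed scenario:
  e1a = 192.0.2.10, e1b = 192.0.2.11, gateway 192.0.2.1, client 192.0.2.50.
The routing logic is a simplification of the Linux FIB / policy-routing
lookup, sufficient to show why replies can leave on the wrong NIC.
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

@dataclass
class Route:
    dst: ipaddress.IPv4Network
    dev: str
    via: Optional[ipaddress.IPv4Address] = None  # next hop, None = connected
    metric: int = 0

@dataclass
class Rule:
    src: ipaddress.IPv4Network  # the "from" selector of an ip rule
    table: str
    priority: int

NET = ipaddress.ip_network("192.0.2.0/24")          # constructed subnet
ANY = ipaddress.ip_network("0.0.0.0/0")
GATEWAY = ipaddress.ip_address("192.0.2.1")          # constructed gateway
IFACES = {"e1a": ipaddress.ip_address("192.0.2.10"),  # constructed addresses
          "e1b": ipaddress.ip_address("192.0.2.11")}
CLIENT = "192.0.2.50"                                # constructed peer

def lookup(table: List[Route], dst: ipaddress.IPv4Address) -> Optional[str]:
    """Longest-prefix match on destination; ties go to the lowest metric and
    then to the route installed first (simplified kernel behaviour)."""
    best = None
    for idx, r in enumerate(table):
        if dst in r.dst:
            key = (-r.dst.prefixlen, r.metric, idx)
            if best is None or key < best[0]:
                best = (key, r)
    return best[1].dev if best else None

def select_egress(tables: Dict[str, List[Route]], rules: List[Rule],
                  src: str, dst: str) -> Optional[str]:
    """Policy routing: the first rule (by priority) whose 'from' matches the
    source address selects a table; the destination is then looked up there."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in sorted(rules, key=lambda r: r.priority):
        if s in rule.src:
            dev = lookup(tables[rule.table], d)
            if dev is not None:
                return dev
    return None

def plain_setup() -> Tuple[Dict[str, List[Route]], List[Rule]]:
    """Both NICs simply configured on the same subnet: two connected routes
    for 192.0.2.0/24 in 'main', one default route. Nothing keys on source."""
    main = [Route(NET, "e1a"), Route(NET, "e1b"), Route(ANY, "e1a", via=GATEWAY)]
    return {"main": main}, [Rule(ANY, "main", 32766)]

def source_routed_setup() -> Tuple[Dict[str, List[Route]], List[Rule]]:
    """Solution 3's fix: one table per NIC, selected by source address.
    Tables '10' and '11' are constructed numeric table ids."""
    tables = {
        "main": plain_setup()[0]["main"],
        "10": [Route(NET, "e1a"), Route(ANY, "e1a", via=GATEWAY)],
        "11": [Route(NET, "e1b"), Route(ANY, "e1b", via=GATEWAY)],
    }
    rules = [
        Rule(ipaddress.ip_network("192.0.2.10/32"), "10", 100),
        Rule(ipaddress.ip_network("192.0.2.11/32"), "11", 101),
        Rule(ANY, "main", 32766),
    ]
    return tables, rules

def reply_device(setup: Tuple[Dict[str, List[Route]], List[Rule]],
                 received_on: str, client: str = CLIENT) -> Optional[str]:
    """A request arrived on `received_on`; the reply is sourced from that
    NIC's address. Which NIC does the reply actually leave on?"""
    tables, rules = setup
    return select_egress(tables, rules, str(IFACES[received_on]), client)

def render_commands(tables: Dict[str, List[Route]], rules: List[Rule]) -> List[str]:
    """The equivalent iproute2 commands an operator would apply (main table
    and its catch-all rule are left to the system)."""
    lines = []
    for name, table in tables.items():
        if name == "main":
            continue
        for r in table:
            via = f" via {r.via}" if r.via else ""
            lines.append(f"ip route add {r.dst}{via} dev {r.dev} table {name}")
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.table != "main":
            lines.append(f"ip rule add from {rule.src} table {rule.table} priority {rule.priority}")
    return lines

if __name__ == "__main__":
    for name, setup in (("plain", plain_setup()), ("source-routed", source_routed_setup())):
        for nic in IFACES:
            print(f"{name:14s} request on {nic} -> reply leaves on {reply_device(setup, nic)}")
    print("\n".join(render_commands(*source_routed_setup())))
```

Running it prints that in the plain setup a request received on `e1b` is answered out of `e1a` (the first connected route wins the tie), which is exactly the mismatch Solution 4 describes, while with the per-source tables each reply leaves on the NIC whose address it carries. The rendered `ip route`/`ip rule` lines are what that policy-routing configuration looks like on a Linux host; on such a host the choice is still between this extra configuration and the simpler bonding/teaming of Solutions 1 and 2.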