Solved

What good are dual Ethernet Cards on Servers?

Posted on 2013-01-19
14
195 Views
Last Modified: 2014-06-29
Hi,
What is the advantage to having two ethernet cards on a server or computer?
Thanks
0
Comment
Question by:rickpary
  • 4
  • 3
  • 2
  • +2
14 Comments
 
LVL 19

Expert Comment

by:helpfinder
ID: 38796768
there is more reasons you may need 2 network adapters, for example:
1. as backup (1 fails, another is still working)
2. network balancing
3. traffic separation
0
 

Author Comment

by:rickpary
ID: 38796774
Do I assign them seperate IP addresses?
Does it increase the allowed traffic 2x?
0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 334 total points
ID: 38796834
No, it messes up trafficking of data. It will cost you problems with the ARP table (also known as the routing table) on a computer.

It is often used for one of two reasons.

1) load balancing
2) routing over a server.

I don't recommend routing over a server because the process of routing requires removal and rebuilding of the TCP/IP headers for all packets. This requires a lot of buffer/memory and also requires a lot of processing speed. Taxing a server with the additional function of routing is not recommended. Stick with a physical router, rather than a server router.

Load balancing is also not recommended. Load balancing is usually used when you have too much network traffic on one nic and a second is used. Instead it is recommended you cluster servers for sharing the load between servers. A cluster will not only reduce traffic on servers it will also act as a failover in the event of one of the cluster partners fails.

So, there is NO real recommended reason for multiple nics on a server or computer. There is need in many cases for multiple connections on a router.

Virtualization might be a good idea. But, it doesn't sound like you are there yet.
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 166 total points
ID: 38796901
I have two NICs on a couple of computers to connect to two different networks.  I have it set up so that some of my computers use one internet service and the others use a different one.
0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 334 total points
ID: 38797085
Again:

Load balancing and routing over are the (non-recommended) uses for multiple nics.

A practical application that will work very well on your network:
Put both Internet services on two nics with the router. Then, apply a metric to the router to choose between the two nics on an as-needed basis (the lower metric on the internet access with best throughput). Then, enable Link Aggregation Control Protocol on this router. This is called Link aggregation controls and it allows the router to decide the best route to use for multiple Internet connections.

Leave your machines (Including Servers) on the network with a SINGLE NIC. Otherwise, you mess up the routing table on those computers. Once you go to ONE nic per machine make sure you flush the ARP cache or you will see intermittent connectivity on machines because the traffic doesn't know what NIC to go to for default routing.

If you insist on using two nics here are some things that YOU MUST DO:
1) Only ONE nic should have a default gateway to prevent from default traffic going to the wrong nic
2) Only allow ONE nic to register within DNS as it's primary means to communicate with it.
3) Fixed routes for particular applications that need to go out the NON-default route.
4) disable the DHCP on the non-default nic
5) if you use NetBIOS for name resolution, only one nic should have Netbios enabled and that should be the nic on the same network as the domain servers.
6) upon enabling two nics, RRAS (routing and remote access service) will enable by default and so will your Windows firewall. This must be stopped or your computer will be used as a router and bridge the two networks.

All these steps are manual means to demand what nic the traffic goes to and what nic is used for communicating with that computer.

The defintion of Link Aggregation Controls:
http://en.wikipedia.org/wiki/Link_aggregation
0
 
LVL 32

Expert Comment

by:aleghart
ID: 38799324
I'm not sure if I'm on board with the 'no good reason' idea.  I have multiple NICs in my laptops and desktop to connect to separate networks and for troubleshooting.

For servers, the basic function of failover is a valid reason.  Simple failover from one NIC to the other, even on the same switch, eliminates a single point of failure.  Each NIC could also be connected to different sections of the LAN.
If Core1 goes down, a second NIC on Core2 will keep the server accessible.  No need to run another full server connected to the second core just for this scenario.
Load balancing is still useful with 100Mbps NICs and ports.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 166 total points
ID: 38799433
Although I'm using workgroups and not a domain, I did most of the steps that @ChiefIT listed above.  I have two internet providers so I have two networks and two external IP addresses.  

My original network is mostly fixed IP addresses so the web server addresses don't change when there is a power problem.  The second one is DHCP and also has a wireless router.  Some computers are connected to only the first network and some are connected to both.  Most of the ones that are connected to both have the metric set to favor the second network and have the 'gateway' removed from the first network so they will use the second network for internet.

This works very well for me.  The only irritating thing is that the Netgear router intercepts DNS requests.  That prevents me from using one of the command line utilities thru it because of the way it makes the request.
0
 

Author Comment

by:rickpary
ID: 39059181
confused and still investigating this...
0
 
LVL 32

Expert Comment

by:aleghart
ID: 39059205
rickpary,

What are your goals for multiple NICs?

Some people ask only because they have a box with multiple ports, and feel odd about leaving them empty.  I have a server with 10 NIC ports, and only one of them is used...because only one is needed to get the job done.  Somebody had other ideas when they built the thing.  But for it's current purpose, I don't need the other 9 ports.

What is the hardware, and its purpose?  Server? Firewall? Workstation? Desktop?
0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 334 total points
ID: 39062490
Dual NICS on servers are used for one of four reasons:

1) Routing over the server (highly not recommended, a hardware router is recommended)
2) Load Balancing (not recommended, set up cluster servers)
3) Fail over NIC (Not a bad idea in the event one nic fails the other picks up the traffic, nevertheless cluster servers should do the same and give you more of a hardware failover than dual nics)
4) Hosting multiple web sites on a web server.

Other than that, adding dual nics often messes up the routing table on the server (The arp cache) and it will cause problems routing packets throughout your domain. Your configuration settings for these nics must be precise or you can run into problems routing and therefore mass problems with performance to include intermittent downage.
0
 
LVL 32

Expert Comment

by:aleghart
ID: 39062868
ChiefIT,

I don't understand why you proclaim that routing on something other than dedicated hardware is not recommended.

I think that many in the *nix world of networking and firewalls would disagree.  So would Vyatta, who has abandoned their hardware routers and sells software installs.  So would Cisco, who sells a very expensive soft switch for VM environments.  Organizations dealing PCI are running soft routing and firewall in front of their servers, not dedicated (non-upgradable) hardware with ASICs.

Microsoft, in their ISA and SBS server heydays would probably have disagreed too.

I bought a Vyatta hardware router/switch for a BGP project.  Am now considering the software version now so I'm not locked into a small chassis without readily-available spare parts.  I can use off-the-shelf rackmount servers with redundant everything and get more throughput.  I'm pretty sure it will involve installing multiple NICs and doing routing.

None of my VMware servers have a single NIC.  Multi-homes for different services.  Link aggregation for bandwidth and/or failover.

And, last time I checked, I could host several (hundred, thousand) web sites on a server through a single NIC, or even a single virtual NIC attached to bonded NICs.

None of what I've described above is "not recommended" by any of the vendors that supply the technology.

There's more than one way to skin a cat.  Let's hear how the OP is planning to use it, or what the present/future goals are.
0
 
LVL 38

Accepted Solution

by:
ChiefIT earned 334 total points
ID: 39063692
It has to do with hardware components and too many people TAX the servers. Some used their servers to route over, and used up to much resources for the server to handle. RRAS with ISA firewalls, yes it's nice, if the hardware is used for nothing else.

Hardware firewalls With Hardware Routers have much more granular control over the packets over a servers. Plus, both have larger buffers and enough memory for the stripping, rerouting of each packet.

I HATE SERVERS THAT ARE USED AS ROUTERS. I have seen nothing but problems with all that I have seen. Too many people use it for routing AND other server functions. They are not designed for routers like hardware routers.

Also virtual routing is still within its infancy. However, virtual routing is MUCH easier to get back up upon a hack or configuration error of the routing. It's so easy to redeploy the virtual image. However, every time you go virtual, the console and any other User Interface are also networked packets. This increases traffic to route.

Everyting I hate about virtual or server based routing has to do with added traffic and available hardware resources for that device. It also has to do with administrative overhead, and knowledge of what you are doing as a virtual admin + network admin, and/or server based admin for RRAS and firewall edits. Sometimes it's easiest to keep things separated by hardware.

Sure Microsoft and Cisco and those folks have teams to configure things the way they want to include getting the right hardware straight for the job. But, does the typical admin have it all straight?
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Resolve DNS query failed errors for Exchange
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now