Re: [gentoo-user] Double network cards

2007-06-11 Thread Dan Farrell
On Mon, 11 Jun 2007 16:19:58 +0200
Marco Calviani [EMAIL PROTECTED] wrote:

> Hi list,
> I would like some technical advice concerning the possibility of
> mounting two network devices on the same desktop computer. One network
> card (which is bound to a fixed IP) allows me to allow the machine to
> be visible on the public network...

I call it 'eth0'

> while the second one (faster, the
> one I've installed now) is used to work.

I call it 'eth1' -- I am a little confused whether you mean 'it used to
work' or you 'use it to work' on a private subnet perchance.

> Would it be possible to
> install both of them, with the first one used only for accessing the
> machine from an external site?

That should be possible.  If the second interface is to be on a
separate subnet, it's so easy to do this that it's almost trivial.  All
you have to do is to assign a private IP address and plug it in to the
private network, and you'll have two devices, one private, one public,
and your computer can even function as a 'gateway' or 'router' if you
want it to.

Is that what you are trying to do?
-- 
[EMAIL PROTECTED] mailing list



Re: [gentoo-user] Double network cards

2007-06-11 Thread Hans-Werner Hilse
Hi,

On Mon, 11 Jun 2007 16:19:58 +0200 Marco Calviani
[EMAIL PROTECTED] wrote:

> I would like some technical advice concerning the possibility of
> mounting two network devices on the same desktop computer. One network
> card (which is bound to a fixed IP) allows me to allow the machine to
> be visible on the public network, while the second one (faster, the
> one I've installed now) is used to work. Would it be possible to
> install both of them, with the first one used only for accessing the
> machine from an external site?

From the hardware and driver side of the problem: Yes, of course. The other
question, and you really didn't clarify on this, is whether your
intended routing setup would work with such a configuration. But since
Linux is extremely configurable in that regard, you probably can
achieve sensible results. Just specify a bit more information, like the
networks (address/netmask) coming into play here.

If both of your NICs are routing to the internet and you're offering
services to the internet, the answer packets from those services will
always take the route w/ lowest metric by default. You'd have to mark
the packets e.g. w/ iptables on a user or application basis in order to
influence routing so that outgoing service traffic takes another way
than outgoing other traffic. But don't hesitate to tell more about
your intended setup, it'll probably get easier to help you then.

-hwh



Re: [gentoo-user] Double network cards

2007-06-11 Thread Marco Calviani

Hi all,
 thanks for replying. Actually the network with the fixed IP would be
used only for accessing the machine from the internet (that would be
its only use), since the other address is masked behind closed
network.

regards,
marco




Re: [gentoo-user] Double network cards

2007-06-11 Thread Hans-Werner Hilse
Hi,

On Mon, 11 Jun 2007 18:42:04 +0200 Marco Calviani
[EMAIL PROTECTED] wrote:

> thanks for replying. Actually the network with the fixed IP would be
> used only for accessing the machine from the internet (that would be
> its only use), since the other address is masked behind closed
> network.

OK, with non-ambiguous routing, I don't see any problems at all.
Except, maybe, for your security policy if that server is now in DMZ
_and_ LAN. But I think you're probably very aware of that...

-hwh
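
An added example, not part of the thread: one way to check the DMZ-and-LAN concern raised above is to confirm that the host will not route between its two networks. It reads the standard Linux IPv4 sysctl files; the function name `audit_dual_homed` and the interface names passed to it are assumptions.

```shell
#!/bin/sh
# Added example: audit a dual-homed host (DMZ NIC + LAN NIC) for settings
# that would let it pass traffic between the two networks.

# audit_dual_homed ROOT IFACE...   (ROOT is normally /proc/sys/net/ipv4)
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_dual_homed() {
    root=$1; shift
    rc=0
    # Global switch: 1 means the kernel routes packets between interfaces.
    if [ "$(cat "$root/ip_forward" 2>/dev/null)" = "1" ]; then
        echo "FAIL ip_forward=1: host routes between its networks"
        rc=1
    fi
    # The kernel applies the higher of conf/all and conf/<iface> rp_filter.
    all=$(cat "$root/conf/all/rp_filter" 2>/dev/null || echo 0)
    for ifc in "$@"; do
        dir="$root/conf/$ifc"
        if [ ! -d "$dir" ]; then
            echo "WARN $ifc: no sysctl directory, wrong interface name?"
            rc=1
            continue
        fi
        # Forwarding can also be switched on per interface.
        if [ "$(cat "$dir/forwarding" 2>/dev/null)" != "0" ]; then
            echo "FAIL $ifc: forwarding enabled"
            rc=1
        fi
        # rp_filter 0 accepts packets whose source address is not reachable
        # through the interface they arrived on (e.g. spoofed LAN sources
        # arriving on the DMZ side).
        own=$(cat "$dir/rp_filter" 2>/dev/null || echo 0)
        if [ "$own" -le 0 ] && [ "$all" -le 0 ]; then
            echo "FAIL $ifc: rp_filter=0, no reverse-path check"
            rc=1
        fi
    done
    return "$rc"
}

# Live use: sh audit.sh eth0 eth1   (interface names are assumptions)
if [ "$#" -gt 0 ]; then
    audit_dual_homed /proc/sys/net/ipv4 "$@"
fi
```

A setup with asymmetric routes, such as the policy routing discussed elsewhere in this thread, may need `rp_filter=2` (loose mode) on the affected interface, which this check accepts.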



Re: [gentoo-user] Double network cards

2007-06-11 Thread Dan Farrell
On Mon, 11 Jun 2007 18:42:04 +0200
Marco Calviani [EMAIL PROTECTED] wrote:

> Hi all,
>   thanks for replying. Actually the network with the fixed IP would be
> used only for accessing the machine from the internet (that would be
> its only use), since the other address is masked behind closed
> network.
>
> regards,
> marco

You probably want to set your routing table up so that packets to your
internal subnet(s) go straight out the internal interface, or to the internal
gateway, and the default route goes out your external interface.



Re: [gentoo-user] Double network cards

2007-06-11 Thread Boyd Stephen Smith Jr.
On Monday 11 June 2007, dexter [EMAIL PROTECTED] wrote about 'Re: 
[gentoo-user] Double network cards':
> Marco Calviani wrote:
> > Hi list,
> > I would like some technical advice concerning the possibility of
> > mounting two network devices on the same desktop computer. One network
> > card (which is bound to a fixed IP) allows me to allow the machine to
> > be visible on the public network, while the second one (faster, the
> > one I've installed now) is used to work.
>
> Hello
> If you are going to use both devices to access the same address space
> then afaik it is not possible.
> I think it could be done with static routing, but you would require
> a properly configured router.

Which (surprise!) is the same thing as a properly configured linux box. :P

Basically, you simply need to make sure you configure routing for 
the internet at large correctly.  This will generally involve some sort 
of source-based routing and/or some custom dhclient scripts and/or 
assigning proper metrics to your routes and telling the kernel how to use 
those metrics when there are multiple routes to a single IP.

We have two networks here at the house: the cable internet (9Mbps/1Mbps, 
but those speeds can't be counted on, dynamic IP) and the DSL 
(1.5Mbps/512Kbps, I think, block of static IPs).  I've got two NICs so I'm 
on both of them.  Virtually all traffic uses the cable connection (http 
requests, bittorrent, etc.), but the DSL connection is available for 
traffic (ssh, local mail server [on the same subnet], etc.). Here are the
relevant parts of my setup:

/etc/conf.d/net:
config_eth0=( "dhcp" )
modules_eth0=( "pump" )
pump_eth0=
config_eth1=( "69.154.123.205/29 brd 69.154.123.207" )
modules_eth1=( "!plug" )

/etc/iproute2/rt_tables:
127 dsl

/etc/conf.d/local.start:
sbr-init

/usr/local/sbin/sbr-init:
#!/bin/bash

# Clear tables (ignore the error if the table is still empty)
ip route flush table dsl 2>/dev/null

# Fill tables: the DSL subnet and a default route via the DSL gateway
ip route add 69.154.123.200/29 dev eth1 table dsl
ip route add 0.0.0.0/0 via 69.154.123.206 table dsl

# Reset rules (ignore the error if the rule does not exist yet)
ip rule del pref 16000 from 69.154.123.205 2>/dev/null

# Set rules: anything sourced from the static address uses the dsl table
ip rule add pref 16000 from 69.154.123.205 table dsl

-- 
Boyd Stephen Smith Jr. ,= ,-_-. =. 
[EMAIL PROTECTED]  ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy   `-'(. .)`-' 
http://iguanasuicide.org/  \_/ 
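
An added example, not Boyd's code: a check that the source-based routing set up by the script above is actually in effect, run over `ip rule show` and `ip route show table dsl` output. The sample output is constructed from the addresses in the post, and `check_sbr` is a hypothetical name.

```shell
#!/bin/sh
# Added example: verify source-based routing from captured command output.
# Constructed sample of `ip rule show` and `ip route show table dsl`,
# using the addresses from the post above.
SAMPLE_RULES='0: from all lookup local
16000: from 69.154.123.205 lookup dsl
32766: from all lookup main
32767: from all lookup default'
SAMPLE_ROUTES='default via 69.154.123.206 dev eth1
69.154.123.200/29 dev eth1 scope link'

# check_sbr ADDR TABLE DEV RULES ROUTES
# Returns 0 when traffic sourced from ADDR is routed by TABLE out of DEV.
check_sbr() {
    addr=$1 table=$2 dev=$3 rules=$4 routes=$5
    # Find the preference of a rule "from ADDR lookup TABLE".
    pref=$(printf '%s\n' "$rules" | awk -v a="$addr" -v t="$table" '
        $2 == "from" && $3 == a && $4 == "lookup" && $5 == t {
            sub(":", "", $1); print $1; exit }')
    [ -n "$pref" ] || { echo "no rule: from $addr lookup $table"; return 1; }
    # The rule must be consulted before the main table (pref 32766),
    # otherwise the main table's default route wins.
    [ "$pref" -lt 32766 ] || { echo "rule pref $pref is not before main"; return 1; }
    # The table needs its own default route; without one the lookup falls
    # through to main and replies leave by the other uplink.
    gwdev=$(printf '%s\n' "$routes" | awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
    [ -n "$gwdev" ] || { echo "table $table has no default route"; return 1; }
    [ "$gwdev" = "$dev" ] || { echo "default route uses $gwdev, not $dev"; return 1; }
    echo "ok: from $addr uses table $table via $dev (pref $pref)"
}

# Against the sample; on a live host pass "$(ip rule show)" and
# "$(ip route show table dsl)" instead.
check_sbr 69.154.123.205 dsl eth1 "$SAMPLE_RULES" "$SAMPLE_ROUTES"
```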




Re: [gentoo-user] Double network cards

2007-06-11 Thread Jerry McBride
On Monday 11 June 2007 10:19:58 am Marco Calviani wrote:
> Hi list,
> I would like some technical advice concerning the possibility of
> mounting two network devices on the same desktop computer. One network
> card (which is bound to a fixed IP) allows me to allow the machine to
> be visible on the public network, while the second one (faster, the
> one I've installed now) is used to work. Would it be possible to
> install both of them, with the first one used only for accessing the
> machine from an external site?
>
> Thanks in advance,
> marco

Absolutely... the only limit is how many slots you have to work with. 


-- 


Jerry McBride