12-25-2008
Mutiple nics on Freebsd 7.0
I had the pleasure of having a gig nic given to me this week, which also appears on the hardware list of FreeBSD.
What I would LIKE to do is:
1). Set my 10/100 nick as the dedicated outside/internet connection with a lan ip of 192.168.1.100
2). Set the gig nick as the dedicated inside/lan connection with a lan ip of, eh, 192.168.1.(different number).
This is my home file server, and the gig nic I think would be better served for the lan then outside connections. Other then weekly remote backupus from a buisness machine, there is no trafic coming in to this box from the outside world.
This is what I think I should do:
BSD Guides :: Doing Stuff With FreeBSD, NetBSD, OpenBSD, & Mac OS X
In other words, set an alias entry into my rc.conf for one of the nics.
But, here is where my questions are.
1). Which nick should be the primary? (internal lan or external internet). My guess is the primary address should be the internet nick.
2). Will both ip's/connections appear in my router? So that I can shut down all internet trafic to the one nic?
**** I'll be doing firewall rules here also.
I know, stupid questions...
Any and all help is greatly appriceated.
drool
10 More Discussions You Might Find Interesting
1. IP Networking
I have a new server... We were doing some testing on it over the local ethernet. All was well in the night when we turned off the machine. In the morning we were unable to get the server online. Have changed cables, NICs, looked over network settings... all to no avail.
I am running Redhat... (4 Replies)
Discussion started by: skotapal
4 Replies
2. AIX
Hi friends,
I installed oracle 10g (10.2.0.2) RAC on 2 IBM p5 570 servers running AIX 5.3ML04 and HACMP5.2 (used Raw devices, not used GPFS). Each server has 4 x 1Gbps ethernet cards (NICs), en0 and en1 for boot address, en2 and en3 for oracle interconnect.
Now i want to merge 2 NICs (en2 and... (1 Reply)
Discussion started by: bong02
1 Replies
3. IP Networking
FreeBSD 4.8, Apache 1.3.27 - two NICs, one with a real-world IP plugged into a switch outside the PIX firewall, the other with a private IP plugged into a switch inside the PIX firewall. Apache listens on both IPs. my domain is mydomain.org.
so in /etc/rc.conf i have something like this (these... (10 Replies)
Discussion started by: ednix
10 Replies
4. Solaris
Hi, is there a way in Solaris 8 to determine how many total NIC's say a Sun Sparc box has installed - plumbed or unplumbed - and find out its capable network speeds and MAC address?
I know ifconfig -a but that only shows the plumbed and used interfaces.
thx
cc (2 Replies)
Discussion started by: bigapple100
2 Replies
5. Linux
I'm looking for a way in RHL 5.1 to use two NICs on one host with two physical IP addresses and map them under one virtual IP address, i.e. NIC 1 10.10.10.1 NIC2 10.10.10.2 VIP 192.168.10.1
Basically I want either one of the NICs to ARP for the VIP. No load balancing required just HA. (2 Replies)
Discussion started by: wschmied
2 Replies
6. Programming
Hello there,
My mulithreaded application (which is too large to represent the source code here) is crashing after installing FreeBSD 7.1-RELEASE/amd64.
It worked properly on others machines (Dual Cores with 4GB of RAM - FreeBSD 6.2-RELEASE/i386).
The current machine has 2x Core 2 Duo... (1 Reply)
Discussion started by: Seenquev
1 Replies
7. UNIX for Dummies Questions & Answers
Hi;
Is there a way to determine for sure how many NIC ports installed on my Linux box?
I tried to run "lspci" but not sure about the results, it's not clear.
Below are the results when i run both "ifconfig" & "lspci" on my Linux box i hope someone can help me finding the actual numbers of... (1 Reply)
Discussion started by: Katkota
1 Replies
8. Solaris
Dear members,
I have to problems ;
First ; I need to setup two NICs for a Solaris 10 server. But I could not do that unless giving different names in /etc/hosts file. like :
10.1.1.1 testsolaris1
10.3.1.1 testsolaris2
Second ; After solving first problem I have to setup my... (3 Replies)
Discussion started by: shadowfaxxxx
3 Replies
9. IP Networking
Hi all,
Host - Ubuntu 12.04 desktop 64bit
Virtualizer - Oracle VirtualBox
2 NICs
Where can I find relevant document to set up 2 NICs, one for inward bound and another for outward bound, separate channel, both connected to the same router
Would following document be appropriate for my... (1 Reply)
Discussion started by: satimis
1 Replies
10. UNIX for Dummies Questions & Answers
Hello All,
I have Linux box with two interface cards.
Every card has it's own IP Address and Gateway, IP addresses are from different subnets.
eth0 192.168.1.10/24 GW 192.168.1.1
eth1 192.168.2.10/24 GW 192.168.2.1
Third PC is located in 192.168.13.0/24 network and is trying to access... (2 Replies)
Discussion started by: AndreiM
2 Replies
LEARN ABOUT DEBIAN
shorewall-exclusion
SHOREWALL-EXCLUSION(5) [FIXME: manual] SHOREWALL-EXCLUSION(5)
NAME
exclusion - Exclude a set of hosts from a definition in a shorewall configuration file.
SYNOPSIS
!address-or-range[,address-or-range]...
!zone-name[,zone-name]...
DESCRIPTION
The first form of exclusion is used when you wish to exclude one or more addresses from a definition. An exclaimation point is followed by
a comma-separated list of addresses. The addresses may be single host addresses (e.g., 192.168.1.4) or they may be network addresses in
CIDR format (e.g., 192.168.1.0/24). If your kernel and iptables include iprange support, you may also specify ranges of ip addresses of the
form lowaddress-highaddress
No embedded whitespace is allowed.
Exclusion can appear after a list of addresses and/or address ranges. In that case, the final list of address is formed by taking the first
list and then removing the addresses defined in the exclusion.
Beginning in Shorewall 4.4.13, the second form of exclusion is allowed after all and any in the SOURCE and DEST columns of
/etc/shorewall/rules. It allows you to omit arbitrary zones from the list generated by those key words.
Warning
If you omit a sub-zone and there is an explicit or explicit CONTINUE policy, a connection to/from that zone can still be matched by the
rule generated for a parent zone.
For example:
/etc/shorewall/zones:
#ZONE TYPE
z1 ip
z2:z1 ip
...
/etc/shorewall/policy:
#SOURCE DEST POLICY
z1 net CONTINUE
z2 net REJECT
/etc/shorewall/rules:
#ACTION SOURCE DEST PROTO DEST
# PORT(S)
ACCEPT all!z2 net tcp 22
In this case, SSH connections from z2 to net will be accepted by the generated z1 to net ACCEPT rule.
In most contexts, ipset names can be used as an address-or-range. Beginning with Shorewall 4.4.14, ipset lists enclosed in +[...] may also
be included (see shorewall-ipsets[1] (5)). The semantics of these lists when used in an exclusion are as follows:
o !+[set1,set2,...setN] produces a packet match if the packet does not match at least one of the sets. In other words, it is like NOT
match set1 OR NOT match set2 ... OR NOT match setN.
o +[!set1,!set2,...!setN] produces a packet match if the packet does not match any of the sets. In other words, it is like NOT match set1
AND NOT match set2 ... AND NOT match setN.
EXAMPLES
Example 1 - All IPv4 addresses except 192.168.3.4
!192.168.3.4
Example 2 - All IPv4 addresses except the network 192.168.1.0/24 and the host 10.2.3.4
!192.168.1.0/24,10.1.3.4
Example 3 - All IPv4 addresses except the range 192.168.1.3-192.168.1.12 and the network 10.0.0.0/8
!192.168.1.3-192.168.1.12,10.0.0.0/8
Example 4 - The network 192.168.1.0/24 except hosts 192.168.1.3 and 192.168.1.9
192.168.1.0/24!192.168.1.3,192.168.1.9
Example 5 - All parent zones except loc
any!loc
FILES
/etc/shorewall/hosts
/etc/shorewall/masq
/etc/shorewall/rules
/etc/shorewall/tcrules
SEE ALSO
shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5),
shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5),
shorewall-tunnels(5), shorewall-zones(5)
NOTES
1. shorewall-ipsets
http://www.shorewall.net/manpages/shorewall-ipsets.html
[FIXME: source] 06/28/2012 SHOREWALL-EXCLUSION(5)