[vox-tech] Multiple IPs on one system

Marc Hasbrouck vox-tech@lists.lugod.org
Fri, 3 May 2002 13:16:33 -0700 (PDT) 

Actually what is going on here is that one IP (the
dhcp one) is being served by my firewall and the fixed
one is for use on my internal LAN only. The firewall I
have gets the WAN info via dhcp and then passes that
on as a dhcp server for the LAN.

I want a fixed address to do local net installs from.
If packets won't get routed back correctly to the
local requester, then I may have to use brute force.

The brute force method involves the server having a
second NIC on a different subnet and changing the
client's address for the NFS operations (Net install /
upgrade). Then the client's IP would be changed back
to match it's use on the LAN.

Thanks for the warning
Marc

--- Jeff Newmiller <jdnewmil@dcn.davis.ca.us> wrote:
> On Fri, 3 May 2002, Marc Hasbrouck wrote:
> 
> > Here's a challenging question (for me at least),
> > 
> > I want to have server with two IP's on the same
> > subnet. So far, my attemps with two NIC's don't
> work.
> > To get any kind of connectivity, each NIC needs to
> > talk to a differnt subnet.
> > 
> > What I want to do it this:
> > 
> > eth0 - dhcp to get my name isp's name servers from
> the
> > firewall/dhcp server. No server service requests
> > (Samba, NFS, or FTP) allowed in.
> > 
> > eth1 - in the same subnet, but a fixed address
> outside
> > the dhcp range with server services running
> against
> > it.
> > 
> > The idea was to set up a mirror of Redhat's
> updates
> > files and update my systems locally with out
> having to
> > pay for multiple RH network memberships. I plan to
> > keep three to four systems updated this way. Each
> will
> > have a different configuration (Server, laptop,
> > workstation, etc.).
> > 
> > Questions:
> > 
> > 1. Is this possible?
> 
> The configuration you want is not practical.
> 
> The killer is getting your ISP to route packets to
> this other "fixed
> address".  They provide this service for a fee...
> and it is higher than
> (2-3 times) the dhcp level of service you pay for
> now.  If you do pay for
> it, there won't be much point in keeping the dhcp
> service.
> 
> Even if you could get this configuration set up with
> your ISP, and you
> then used IP Aliasing, Linux will accept packets
> coming in on either IP
> number, but you may experience some difficulties
> with serving protocols
> like FTP that expect the server to open connections
> going back to the
> client. New outbound connections will usually pick
> up the source ip of the
> default interface... and the client that requested
> the "return reply" can
> get confused when it receives an "answer" from the
> wrong IP address.
> Having one IP address on each network segment is
> really the most
> straightforward solution.
> 
> > 2. Would it be easier to just learn how to use
> iptables?
> 
> Perhaps, but are apples easier than oranges?  I
> don't think the solution
> lies thataway.
> 
>
---------------------------------------------------------------------------
> Jeff Newmiller                        The     ..... 
>      .....  Go Live...
> DCN:<jdnewmil@dcn.davis.ca.us>        Basics: ##.#. 
>      ##.#.  Live Go...
>                                       Live:   OO#..
> Dead: OO#..  Playing
> Research Engineer (Solar/Batteries            O.O#. 
>      #.O#.  with
> /Software/Embedded Controllers)               .OO#. 
>      .OO#.  rocks...2k
>
---------------------------------------------------------------------------
> 
> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech


__________________________________________________
Do You Yahoo!?
Yahoo! Health - your guide to health and wellness
http://health.yahoo.com