Re: Configure 2nd NIC on Tjener?
On Sat, Sep 11, 2004 at 09:24:38PM +0200, Ralf Gesel|ensetter wrote:
> Dear List,
>
> our Tjener is a FSC TX150 and has a well performiner on board NIC (1GB RJ45)
> which presently runs 100Mbit FD. LTSP is running on a separte machine.
>
> The concept of skolelinux is to run Tjener with only one NIC (10.0.2.2) that
> is connected to the "barebone" linking internet router, ltsp servers, work
> stations.
>
> The reason why we mounted a 2nd NIC (eth1) into our Tjener was, that
> - our backbone switch has a Fibre MBit uplink
> - some remote buildings connect to a Fibre MBit Switch
> - we owned a spare Fibre Gigabit NIC anyway.
>
> Now, we think about _activating_ eth1. Basically there are three options:
> (1) replace eth0 by eth1
> (2) use eth0 for internet connection, eth1 for intranet (Tjener = Firewall)
> (3) use eth0 for incoming, eth1 for outgoing traffic.
>
> Option 1 involves editing /etc/network/interfaces to map eth1 to eth0.
The easier methode is to make sure that the module for the gbit card is
loaded first, by placing the modulename (tg3 or something else) before
the name of the old 100MBit card in /etc/modules.
I guess the module for the 100MBit card is not menioned in /etc/modules,
then it's enough to mention the module for the gbit card there.
> Option 2 would restrict outgoing traffic passing Tjener. I suppose, it was
> mainly squid settings to change.
Well, it has been done but I'd rather not do it.
It involves setting up a firewall on tjener, changing default gateway
for the backbone, and maybe enabling tjener to forward ip connections.
> Option 3 sounds most interesting as most of Tjener's traffic is outbound. I
> suspect however that most requests _do_ care if replies come from another IP
> than the request was sent to.
> Don't worry, I am quite patient before doing any changes - but discussing
> pro`s and con`s is something we should start here.
Well if your nic is able to handle syncronous traffic, you would not
gain much I think.
// faj
Reply to: