[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: 1 or more network cards


On Wed, 21 May 2003 11:40:06 +1000 Glenn Hocking <glenn@sitegeneral.com>
> Has anyone put any thought and testing whether it is better to have
> one network card with multiple IP assigned or 2-3 net cards with
> separate IP numbers.
> Actual specs, The cards are all 10/100 Intel's connected to the net
> via a 10mb/s ethernet with direct public IPs. The secondary IPs are
> private local addresses for local backup and maintenance.

As you mention public and private IP space: physical separation enables
you to recognize and fight address spoofing. With IPtables you simply
use the  -i  option to define the valid interfaces. That won't be
possible if you use only one card. 

Plus searching for errors will be easier: you can ping the inside
interface - so that card's okay. If you can reach the outside card, that
one is okay, too. If you still get nothing through, your iptables config
is hosed. If you only have one card, it'll be much more difficult. As
will be sniffing in respective networks. NAT-issues come to mind, that
will be very difficult to debug when using only one card.


Volker Tanger


Besuchen Sie unsere neuen Internet-Seiten http://www.detewe.de .
Neues Highlight: Wunschproduktberater fuer den Home & Office-Bereich.

Visit our new Internet Pages on http://www.detewe.de .
Our Highlight: Online Product Adviser for Home & Office.
(Currently available in German only)

Reply to: