RE: multiple network cards and dns
That's brilliant thanks for that!
I am going to be setting up a proxy server using Squid with 2 network cards. I am right in saying the routing table should have a default out the external interface.
Also the reason i was asking about dns is that as im using this box as a proxy what dns servers should i specify? Ones on the inside network, the isp's (external network), or both of them?
Date: Sun, 31 Dec 2006 12:30:50 -0700
Subject: Re: multiple network cards and dns
Andrew Critchlow wrote:
When you have 2 network cards in use with debian with DNS server configured on each which one does it choose to query for an address?DNS is a map of names to numbers and numbers to names. You can basically assign any name to each IP for each NIC. If you assign the same name to two IP address, BIND DNS will rotate the responses in a round robin fashion.
Is configuring 2 network cards on debian as simple as configuring one card?
foo.bar. IN A 192.168.1.1
foo.bar. IN A 192.168.1.2
Will first respond to queries:
Then will respond:
This is a load balancing feature of BIND 4.9 and later versions, if this is what you are trying to accomplish. Otherwise if it's a firewall, assign a different name to the internal and external IPs.
Configuring two NICs is as simple as adding another entry in /etc/network/interfaces for the new NIC. Be careful as sometimes after adding a second NIC the original NIC may become eth1 rather than eth0 (this has been PCI slot placement dependent for me).
Here's the /etc/network/interfaces file from my firewall:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
auto lo eth0 eth1
# The loopback network interface
iface lo inet loopback
# The internal (onboard) network interface
iface eth1 inet static
# The external (pci) network interface
iface eth0 inet static
Note the commented out gateway for eth1. Since this is a firewall the appropriate gateway is the external one and if both gateways are enabled routes get screwed up. I know as I've had this hang me up before...