Re: 2 Network Cards
On Fri, Feb 01, 2008 at 04:35:18PM -0900, Ken Irving wrote:
> On Fri, Feb 01, 2008 at 04:37:03PM -0800, Raquel wrote:
> > On Fri, 1 Feb 2008 16:09:00 -0800 Raquel wrote:
> > 
> > > I have 2 network cards in this machine.  Currently only one of those
> > > cards is setup but now I have need to setup another.  The
> > > current /etc/network/interfaces looks like:
> > > # The primary network interface
> > > allow-hotplug eth0
> > > iface eth0 inet static
> > >         address 99.999.999.137
> > >         netmask 255.255.255.248
> > >         network 99.999.999.136
> > >         broadcast 99.999.999.999
> > >         gateway 99.999.999.999
> > >         dns-nameservers 99.999.999.999 99.999.999.999
> > >         dns-search domain.com
> > 
> > Let me make a few changes.  In order to get eth1 to also work, can I
> > add to /etc/network/interfaces:
> > 
> > # The secondary network interface
> > allow-hotplug eth1
> > iface eth1 inet static
> >         address 99.999.999.138
> >         netmask 255.255.255.248
> >         network 99.999.999.136
> >         broadcast 99.999.999.999
> >         gateway 99.999.999.999
> >         dns-nameservers 99.999.999.999 99.999.999.999
> >         dns-search domain.com
> > 
> > Is there anything else I need to watch out for?  I know that the
> > firewall needs to be changed.
> 
> I don't think it's quite as simple as providing two separate IPs on a
> single subnet, but what are you trying to do?  All you say is that you
> need to "setup" the second card, but why?  I have plenty of systems
> with 2 cards, but I've only done it to host a local net on one card,
> with an upstream net connection on the other.  While you haven't said
> much about the "firewall", I'd suggest looking at shorewall and its docs,
> only because that's where I've read about doing this sort of thing.
I haven't seen any response to this, but had the impression from the
use of 137 and 138 in the addresses above that both would be on the
same subnet.  The obfuscated "network" entries look to me to be host
address, so I don't know what you're dealing with.  I googled a bit and
found some informative links, and suggest you do the same.
I dimly recall that there's something in how the kernel works with
interfaces and ip address that's perhaps not intuitive, and easy to
get wrong.
-- 
 Ken Irving, fnkci+debianuser@uaf.edu
Reply to: