Mailinglist Archive: opensuse (3964 mails)
| < Previous | Next > |
Re: [SLE] Two NICs
- From: Don Parris <webdev@xxxxxxxxxxxxx>
- Date: Sun, 7 Nov 2004 00:09:07 -0500
- Message-id: <200411070009.07969.webdev@xxxxxxxxxxxxx>
On Saturday 06 November 2004 23:19, Stan Glasoe wrote:
> On Saturday 06 November 2004 7:24 pm, Don Parris wrote:
> > Well, I did not setup DHCP - let me get the /etc/hosts file approach
> > first. I left eth0 config'd as 192.168.1.3. I changed the rest of
> > the LAN 192.168.2.x. At least now, when I ping the LAN, the hub
> > lights up for both NICs, whereas before, it would only light up for
> > the NIC I was pinging from.
>
> Whoa. I don't think that I like your plumbing here. Do you have both
> eth0 and eth1 going into the same hub? I recommend not doing that
> because I like to keep my subnets physically separated. It helps me to
> know exactly where I want packets to be going.
>
Sorry Stan,
eth0 is my DSL connection - should have made that clear. eth1 Goes to the
local hub.
>
> eth1 should be the only cable from the PC to the hub that connects all
> the other internal LAN devices. eth0 goes to the Internet through
> whatever; dsl0 or external broadband firewall/router device. eth1 goes
> to the internal LAN. Physically separate networks.
>
> There are ways to do it differently but you are just starting out so
> lets really keep things separate. This will help you visualize your
> firewall flow also. FW_EXT_DEV=eth0 and is physically different than
> FW_INT_DEV=eth1. Different zones per Shorewall Firewall setup.
>
> > All other boxes recognize each other, and I can ping via IP or host
> > name. But when I ping from x/2.2 (or to it), ping doesn't return a
> > result, and I have to hit [ctrl]+c. I've also noticed an error
> > message that may have an impact - not sure:
> > Error inserting ipfwadm
> > (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko
> >): Device or resource busy
> >
> > Next step?
>
> Tell me eth0 and eth1 are NOT connected to the same hub/switch.
>
As above , definitely NOT. I guess I was assuming (I know, I know...) that
you guys would understand that I was trying to get one NIC to work with the
hub - the other already works nicely with the DSL modem. Also, eth0 is the
on-board NIC, and eth1 is a used 3Com I picked up today. The original eth1
was a D-Link.
Both PCI NICs were recognized & config'd by Yast, and ifconfig showed both
setup properly, though, as Anders pointed out - with some errors. I really
don't think the hardware is the issue, though. So far, I've been switching
the DSL & LAN cables on eth0 as needed to connect to the internet or to the
LAN. While this defintely cuts down outsiders' chances of attacking the
whole LAN, it is inconvenient. ;)
As mentioned in my response to Anders, I can get VNC connections using the LAN
cable on eth0, but when using eth1, I get nada. Ok, I do get blinking lights
- but that's about it.
> Remember to turn on "Enable IP Forwarding" for NICs in Yast, Network
> Devices, Network Cards.
>
If it's o.k. with you, I'd like to get eth1 working with the local hub first -
then worry about giving my LAN access to the outside world.
> > --
Don
--
DC Parris GNU Evangelist
http://matheteuo.org/
http://chaddb.sourceforge.net/
"Free software is like God's love - you can share it with
anyone anytime anywhere!"
> On Saturday 06 November 2004 7:24 pm, Don Parris wrote:
> > Well, I did not setup DHCP - let me get the /etc/hosts file approach
> > first. I left eth0 config'd as 192.168.1.3. I changed the rest of
> > the LAN 192.168.2.x. At least now, when I ping the LAN, the hub
> > lights up for both NICs, whereas before, it would only light up for
> > the NIC I was pinging from.
>
> Whoa. I don't think that I like your plumbing here. Do you have both
> eth0 and eth1 going into the same hub? I recommend not doing that
> because I like to keep my subnets physically separated. It helps me to
> know exactly where I want packets to be going.
>
Sorry Stan,
eth0 is my DSL connection - should have made that clear. eth1 Goes to the
local hub.
>
> eth1 should be the only cable from the PC to the hub that connects all
> the other internal LAN devices. eth0 goes to the Internet through
> whatever; dsl0 or external broadband firewall/router device. eth1 goes
> to the internal LAN. Physically separate networks.
>
> There are ways to do it differently but you are just starting out so
> lets really keep things separate. This will help you visualize your
> firewall flow also. FW_EXT_DEV=eth0 and is physically different than
> FW_INT_DEV=eth1. Different zones per Shorewall Firewall setup.
>
> > All other boxes recognize each other, and I can ping via IP or host
> > name. But when I ping from x/2.2 (or to it), ping doesn't return a
> > result, and I have to hit [ctrl]+c. I've also noticed an error
> > message that may have an impact - not sure:
> > Error inserting ipfwadm
> > (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko
> >): Device or resource busy
> >
> > Next step?
>
> Tell me eth0 and eth1 are NOT connected to the same hub/switch.
>
As above , definitely NOT. I guess I was assuming (I know, I know...) that
you guys would understand that I was trying to get one NIC to work with the
hub - the other already works nicely with the DSL modem. Also, eth0 is the
on-board NIC, and eth1 is a used 3Com I picked up today. The original eth1
was a D-Link.
Both PCI NICs were recognized & config'd by Yast, and ifconfig showed both
setup properly, though, as Anders pointed out - with some errors. I really
don't think the hardware is the issue, though. So far, I've been switching
the DSL & LAN cables on eth0 as needed to connect to the internet or to the
LAN. While this defintely cuts down outsiders' chances of attacking the
whole LAN, it is inconvenient. ;)
As mentioned in my response to Anders, I can get VNC connections using the LAN
cable on eth0, but when using eth1, I get nada. Ok, I do get blinking lights
- but that's about it.
> Remember to turn on "Enable IP Forwarding" for NICs in Yast, Network
> Devices, Network Cards.
>
If it's o.k. with you, I'd like to get eth1 working with the local hub first -
then worry about giving my LAN access to the outside world.
> > --
Don
--
DC Parris GNU Evangelist
http://matheteuo.org/
http://chaddb.sourceforge.net/
"Free software is like God's love - you can share it with
anyone anytime anywhere!"
| < Previous | Next > |