From owner-freebsd-questions@FreeBSD.ORG Mon Jul 19 10:12:41 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7DB5116A4CE for ; Mon, 19 Jul 2004 10:12:41 +0000 (GMT) Received: from pursued-with.net (adsl-66-125-9-244.dsl.sndg02.pacbell.net [66.125.9.244]) by mx1.FreeBSD.org (Postfix) with ESMTP id 31E6743D1D for ; Mon, 19 Jul 2004 10:12:41 +0000 (GMT) (envelope-from freebsd@pursued-with.net) Received: from [10.0.1.101] (unknown [10.0.1.101]) by pursued-with.net (Postfix) with ESMTP id 2F91F1E57A1; Mon, 19 Jul 2004 03:13:46 -0700 (PDT) In-Reply-To: <20040719040431.V19557@iceberg.web-walrus.com> References: <20040719040431.V19557@iceberg.web-walrus.com> Mime-Version: 1.0 (Apple Message framework v618) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <49542D01-D96C-11D8-980B-000A959CEE6A@pursued-with.net> Content-Transfer-Encoding: 7bit From: Kevin Stevens Date: Mon, 19 Jul 2004 03:13:31 -0700 To: "Web Walrus (Robert Wall)" X-Mailer: Apple Mail (2.618) cc: freebsd-questions@freebsd.org Subject: Re: Routing issue X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jul 2004 10:12:41 -0000 On Jul 19, 2004, at 02:12, Web Walrus (Robert Wall) wrote: > That network card has a config roughly like > > ifconfig_dc0 inet 1.2.3.4 netmask 255.255.255.248 > ifconfig_dc0_alias0 inet 2.3.4.5 netmask 255.255.255.248 > defaultrouter="1.2.3.1" Excuse me why I interject that it's a royal PITA when people post obfuscated IP information while asking IP-related questions. It inevitably introduces confusion. Ok, I feel better now... > When I have the network set up in this manner (packets coming in via > two > external lines plugged into the same switch), I can only access the > network that is on the same network as the default router. In the > example > above, I can access the server by 1.2.3.4, but not by 2.3.4.5. If I > change the defaultrouter to 2.3.4.1, I can access the server by 2.3.4.5 > but not 1.2.3.4. Access the server from where? Let me test my understanding. You have a server with one NIC and two addresses, plugged into a single switched network along with two ethernet connections to external ISPs, and you're trying to connect to the server from a remote network via the different addresses? If both addresses can reach the network you are connecting from, it should work via either address. Note that the RESPONSE may come to you from a different address, and if that confuses your application THAT may break. For example, if you come in on 2.3.4.5, the reply will still return via 1.2.3.4 - your server can only have one default gateway, and if that's how it knows to reach you, that's where it will go. If your two networks can't both reach your source network, then yes, it will break. There are workarounds, most involve either a dynamic routing protocol that can assign priorites to the different paths, or introducing an external device (firewall, router) that basically does the same thing. Essentially you need more elaborate routing that takes availability into account. KeS