Date: Mon, 19 Jul 2004 03:13:31 -0700 From: Kevin Stevens <freebsd@pursued-with.net> To: "Web Walrus (Robert Wall)" <custpriv@web-walrus.com> Cc: freebsd-questions@freebsd.org Subject: Re: Routing issue Message-ID: <49542D01-D96C-11D8-980B-000A959CEE6A@pursued-with.net> In-Reply-To: <20040719040431.V19557@iceberg.web-walrus.com> References: <20040719040431.V19557@iceberg.web-walrus.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jul 19, 2004, at 02:12, Web Walrus (Robert Wall) wrote: > That network card has a config roughly like > > ifconfig_dc0 inet 1.2.3.4 netmask 255.255.255.248 > ifconfig_dc0_alias0 inet 2.3.4.5 netmask 255.255.255.248 > defaultrouter="1.2.3.1" Excuse me why I interject that it's a royal PITA when people post obfuscated IP information while asking IP-related questions. It inevitably introduces confusion. Ok, I feel better now... > When I have the network set up in this manner (packets coming in via > two > external lines plugged into the same switch), I can only access the > network that is on the same network as the default router. In the > example > above, I can access the server by 1.2.3.4, but not by 2.3.4.5. If I > change the defaultrouter to 2.3.4.1, I can access the server by 2.3.4.5 > but not 1.2.3.4. Access the server from where? Let me test my understanding. You have a server with one NIC and two addresses, plugged into a single switched network along with two ethernet connections to external ISPs, and you're trying to connect to the server from a remote network via the different addresses? If both addresses can reach the network you are connecting from, it should work via either address. Note that the RESPONSE may come to you from a different address, and if that confuses your application THAT may break. For example, if you come in on 2.3.4.5, the reply will still return via 1.2.3.4 - your server can only have one default gateway, and if that's how it knows to reach you, that's where it will go. If your two networks can't both reach your source network, then yes, it will break. There are workarounds, most involve either a dynamic routing protocol that can assign priorites to the different paths, or introducing an external device (firewall, router) that basically does the same thing. Essentially you need more elaborate routing that takes availability into account. KeS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49542D01-D96C-11D8-980B-000A959CEE6A>