From: Martin McCormick
To: freebsd-questions@freebsd.org
Date: Tue, 21 Jun 2011 06:28:57 -0500
Subject: Re: Two Networks on one System
Message-Id: <201106211128.p5LBSvCe095130@x.it.okstate.edu>

Here is what the issue is right now. The remote campus in question has been on number space that was part of our Class B network. They got a block of subnets for their DNS's and campus enterprises and work stations. We secured them their own number space and they are migrating from their portion of our network to their new network and both nets are presented routable from the rest of the world.

If you do a whois query for their domain, you get the address on our network of their primary DNS. When one updates the whois data, there is a lag of some hours until new queries start going to the new address of their primary DNS.
In the meantime, we don't really care but we would like for the new interface for the primary to be reachable so that the minute the information changes, we're answering lookups. After that point, we will permanently take down the old interface address on our network and probably reboot with the normal configuration now being the new IP address.

The problem I have, probably due to a misunderstanding of what I need to do, is easy to describe. The defaultrouter statement in rc.conf or route add default x.x.x.x from the command line sets an interface to know that packets whose destinations or sources that are outside the subnet go to that default gateway. When I set up the secondary interface, I have not been able to come up with a statement or statements that tell fxp1 that its default router is y.y.y.y so you can't ever reach it from outside the new subnet.

Once traffic ever gets in to the system, it will probably stay together based on the interface where it came from, but it won't have to do it for hopefully more than a few hours.

I have tried both a second physical connection and an alias and have ended up with the same behavior each time. Since we have the second NIC active, I prefer to use it if I can ever get it to use its router just like the primary interface does.

Right now, I can get on to our secondary DNS which is in the same subnet as the new address for the primary and log right in to the primary through the new interface. From anywhere else on the Earth, that new address is as dead as a doornail.

I certainly appreciate every posting so far as routing is one of the thorniest issues one can encounter in networking so the more one is aware of, the less head-scratching and frustration there is.

Martin McCormick