Date: Wed, 30 Sep 1998 22:18:30 GMT From: steven@shellnet.co.uk (Steven Fletcher) To: "Jeffrey J. Mountin" <jeff-ml@mountin.net> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: IPFW, Dual network cards Message-ID: <3615a823.10152184@smtp.shellnet.co.uk> In-Reply-To: <3.0.3.32.19980930152823.00720380@207.227.119.2> References: <3.0.3.32.19980930152823.00720380@207.227.119.2>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 30 Sep 1998 15:28:23 -0500, you wrote:
>You are aware that by default Windoze does NetBEUI over TCP/IP and file sharing should be done via NetBEUI.
Aha. This is a case of simply closing the relevant tcp ports via ipfw
yes ?
> He was a bit slow
Aren't they all? }:>
>
>I'd bet there are a lot of vulnerable printers out there. ;)
*grin*
What follows this line is only for the strong-minded:
Okay, so I have managed to get FreeBSD installed and the network cards
in place.
The situation is this:
I have one Intel EtherExpress PRO as fxp0. This is the card that is
connected to our Cisco switch @ 100Mb/s (the main network). This (I
belive) is what is known as the public interface? Its IP is
194.129.209.8 (eth2-fw1.bolton.shellnet.co.uk)
Then there is one RealTek(Groan) 8019 card as ed0. This is setup
correctly as far as I can see - However occasionally the kernel says
"ed0: device timeout". I think I am right here in setting its IPs as
192.168.0.1 (for the internal network) and as 194.129.209.15 (which
will be the default gateway of the bandwidth limited machines that use
it.) It's connected to a cheap 8 port non-switching hub. The following
diagram should illustrate this:
.-----------------------.
| FreeBSD 3 |
'-----------------------'
/ \
Intel Realtek
194.129.209.8 192.168.0.1/194.129.209.15
| | |
| Internal network |
Cisco Hub to |
2501 router. bandwidth limited servers
So, I plugged in the cards and hubs, and now I'd like to do the
following:
1) Using IOS for the IP's of the bandwidth limited servers, I'll
plonk:
ip route 194.129.209.whatever 255.255.255.255 Ethernet0 194.129.209.8
or
ip route 194.129.209.whatever 255.255.255.255 Ethernet0 194.129.209.15
?
Will 194.129.209.8 know that 194.129.209.whatever is accessible via
the RealTek card and be able to forward the packets? Or will the rest
of my network be able to see 194.129.209.15 even though it is
indirectly connected to the network? Just how do I tell FreeBSD to
route packets from one network card to the 2nd network card and vice
versa.
I've tried this, y'see, with no luck.
The situation before was that some of our smart-arse customers we able
to change the default gateway and subnet mask (Windows NT hosted
servers) of their machines and bypass (at least) the outgoing
bandwidth limitations - incoming traffic was still limited by the
router statements so physical security is the next step up.
Anyway, it didn't appear to work after almost all afternoon trying to
figure this out.... I'm a little stuck now and am desperately looking
for people who've done this before to advise on how I go about
resolving this situation :)
Thanks for reading... It's a little long but I have a habit of wanting
to make things clear - usually undone in that I in fact make thinks
worse.
TIA
Steven Fletcher
steven@shellnet.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3615a823.10152184>