Date:      Tue, 22 Aug 2000 10:18:39 -0700
From:      "Larry Skarpness Jr." <larry@chainsoft.com>
To:        "Emmanuel Gravel" <egravel@earthlink.net>, "Crist J . Clark" <cjclark@reflexnet.net>
Cc:        <freebsd-questions@FreeBSD.ORG>
Subject:   Re: ARP issues with 2 or more multi-homed interfaces on same  physical LAN
Message-ID:  <001401c00c5d$040da9b0$0a00a8c0@chainsoft.com>
References:  <Pine.BSF.4.10.10008220246190.2305-100000@parmenides.utp.net> <200008220514.WAA24408@avocet.prod.itd.earthlink.net>

OK.  I'm getting some great responses here.  I appreciate the effort.  Let
me explain further.

In this case the cable modem does not leak my private network traffic.  It
apparently only transmits packets that it can route.  It only allows the
IPs that my ISP has given me to connect with it.  I can actually verify this
by watching the transmit LED, and it does not light during private network
activity.  I've also never seen anyone else's private network packets come
across.

Remember that I must connect TWO different machines via the same cable
modem, and the only way to do this is with a hub.  These same two machines
must also be on the private net.  I did start out with just NICA in Machine
1 (FreeBSD), but then my Firewall and NAT did not work properly (or was
exceedingly complex to deal with) because of issues being on the same
interface.  So I abandoned that fiasco and went to the two NIC
configuration.

I could buy another hub, and could even put another NIC in machine 2.  Then
my private net could be physically separated from the public nets.  But that
seems like overkill.  The cable modem is already logically filtering the
private network out.  I'm currently only connecting 3 machines.  For its
intended purposes this configuration is not causing a security problem or
performance problem.  The current network capacity (including any overhead
incurred on all machines) is completely underutilized.

Would it be reasonable for an OS to handle this configuration without a
constant stream of complaints?

> You're better off just running a null hub cable between the cable modem and
> the first interface on your dual homed system, and keep the others, which are
> your internal network, on your hub. Keeps it cleaner since your gateway system
> still needs to do NAT with the other machines (so the packets go on the hub
> at least twice instead of just the once). I have a similar setup and it
> works like a charm, using FreeBSD 4.1 circa Mon Jul 17 20:04:10 MST 2000.
> Your setup can actually leave fairly big holes to someone who knows how to
> use them. Plus, a null hub isn't hard to do (you should have gotten one from
> them anyway).
>
> Moral of this story, separate your networks with more than just TCP/IP.
> You'll get better performance out of it anyway.
>
> Good luck!
>
> At 08:25 PM 8/21/00 -0700, Larry Skarpness Jr. wrote:
> >Janko,
> >
> >Thanks for the quick response.  Allow me to clarify the situation.  The NICs
> >have different IPs, different networks, and different ethernet addresses.
> >They just happen to be connected to the same network hub.  Obviously this is
> >a somewhat unusual configuration.  The OS detects this situation as it
> >should, however it spews warning messages constantly when just one would be
> >enough.
> >
> >Some might be asking why would you want to do this in the first place.  I am
> >situated on a cable modem.  The ISP has supplied two completely different
> >IPs and different networks through this one cable modem.  The ISP severely
> >limits the upload bandwidth, even between IPs on networks within their
> >control.  So I have also multi-homed these two machines to another private
> >local network on which other machines exist.  NAT is also being used on one
> >of the public IPs to support other machines on the private network.  All of
> >these machines and the cable modem are wired into the same network hub, as
> >there is no reason to physically separate them.  Through this mechanism all
> >the machines can reach each other on the private net, and get out to the
> >internet.
> >
> >Machine 1 has
> >    NICA HUB1
> >        IPA NETA (cable modem1) supports NAT to outside
> >    NICB HUB1
> >        IPB NETB (local1)
> >Machine 2 has
> >    NICC HUB1
> >        IPC NETC (cable modem1)
> >        IPD NETB
> >Machine 3 has
> >    NICD HUB1
> >        IPE NETB
> >Cable modem 1 on HUB1
> >
> >I think this is a valid configuration.  Machine 1 complains that ARPs on
> >NICA are picked up on NICB, which in this situation would be expected.  Is
> >there some reason why the FreeBSD OS must be so noisy about it?  I WANT two
> >or more NICs in the same machine on the same physical network.  The hack I
> >made to if_ether.c forces the OS to be quiet about it.  Others are in the same
> >situation and would probably like this option without the necessity to
> >hack.
> >
> >Larry
>
>


