Date: Thu, 27 Sep 2007 09:59:57 -0500 From: Paul Schmehl <pauls@utdallas.edu> To: freebsd-questions@freebsd.org Subject: Re: Binding application to one ethernet interface Message-ID: <5D541A4C4732A1ECF4775BE0@utd59514.utdallas.edu> In-Reply-To: <20070927112954.4F9E295959@s21sec.com> References: <20070927112954.4F9E295959@s21sec.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--==========D89358F4D2F67D28864D========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On Thursday, September 27, 2007 13:30:24 +0200 Eduardo Morras=20 <emorras@s21sec.com> wrote: > Hello: > > I have a server with apache that serves pages to an intranet. Now we > want to add another server application (cvs and pgsql) to another > intranet. Of course we can buy a new server to do that, but i want to > know if i can add a new ethernet card to the current server and force > apache to serve to one intranet and cvs/pgsql to the other intranet. > I think that by default, freebsd will balance the charge between both > cards, is it true?? > Most applications will listen on *all* interfaces by default. I'm not=20 aware of an application that *cannot* be configured to only listen on one=20 IP address, but there may be some. In the case of apache, you simply edit the Listen attribute and then=20 restart the service. Listen x.x.x.x:80 I don't use postgres, but I'd bet it has the option as well. Mysql=20 certainly does. You just need to read the man pages for each app (or=20 online docs) to find out what config option you need to use and what the=20 syntax needs to be. Or Google it. BTW, you don't really need a second nic. You can alias the first one. In /etc/rc.conf use ifconfig_interface_alias0=3D"IP Netmask" For example, from a live setup: ifconfig_bce0=3D"inet 66.221.101.248 netmask 255.255.224.0" ifconfig_bce0_alias0=3D"inet 66.221.101.250 netmask 255.255.255.255" ifconfig_bce0_alias1=3D"inet 66.221.101.253 netmask 255.255.255.255" Since you would be using different subnets, you set the netmask=20 appropriately for that subnet. When you alias on the *same* subnet, all=20 the alias netmasks have to be "non-conflicting", according to the man page, = so you use the netmask I use above. --=20 Paul Schmehl (pauls@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --==========D89358F4D2F67D28864D==========--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5D541A4C4732A1ECF4775BE0>