Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 27 Sep 2007 09:59:57 -0500
From:      Paul Schmehl <pauls@utdallas.edu>
To:        freebsd-questions@freebsd.org
Subject:   Re: Binding application to one ethernet interface
Message-ID:  <5D541A4C4732A1ECF4775BE0@utd59514.utdallas.edu>
In-Reply-To: <20070927112954.4F9E295959@s21sec.com>
References:  <20070927112954.4F9E295959@s21sec.com>

next in thread | previous in thread | raw e-mail | index | archive | help
--==========D89358F4D2F67D28864D==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

--On Thursday, September 27, 2007 13:30:24 +0200 Eduardo Morras=20
<emorras@s21sec.com> wrote:

> Hello:
>
>     I have a server with apache that serves pages to an intranet. Now we
> want to add another server application (cvs and pgsql) to another
> intranet. Of course we can buy a new server to do that, but i want to
> know if i can add a new ethernet card to the current server and force
> apache to serve to one intranet and cvs/pgsql to the other intranet.
>     I think that by default, freebsd will balance the charge between both
> cards, is it true??
>
Most applications will listen on *all* interfaces by default.  I'm not=20
aware of an application that *cannot* be configured to only listen on one=20
IP address, but there may be some.

In the case of apache, you simply edit the Listen attribute and then=20
restart the service.

Listen x.x.x.x:80

I don't use postgres, but I'd bet it has the option as well.  Mysql=20
certainly does.  You just need to read the man pages for each app (or=20
online docs) to find out what config option you need to use and what the=20
syntax needs to be.  Or Google it.

BTW, you don't really need a second nic.  You can alias the first one.

In /etc/rc.conf use ifconfig_interface_alias0=3D"IP Netmask"

For example, from a live setup:

ifconfig_bce0=3D"inet 66.221.101.248 netmask 255.255.224.0"
ifconfig_bce0_alias0=3D"inet 66.221.101.250  netmask 255.255.255.255"
ifconfig_bce0_alias1=3D"inet 66.221.101.253  netmask 255.255.255.255"

Since you would be using different subnets, you set the netmask=20
appropriately for that subnet.  When you alias on the *same* subnet, all=20
the alias netmasks have to be "non-conflicting", according to the man page, =

so you use the netmask I use above.

--=20
Paul Schmehl (pauls@utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

--==========D89358F4D2F67D28864D==========--




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5D541A4C4732A1ECF4775BE0>