From owner-freebsd-questions@FreeBSD.ORG Thu Sep 27 14:59:58 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AEACF16A478 for ; Thu, 27 Sep 2007 14:59:58 +0000 (UTC) (envelope-from pauls@utdallas.edu) Received: from smtp3.utdallas.edu (smtp3.utdallas.edu [129.110.10.49]) by mx1.freebsd.org (Postfix) with ESMTP id B0A3013C465 for ; Thu, 27 Sep 2007 14:59:57 +0000 (UTC) (envelope-from pauls@utdallas.edu) Received: from utd59514.utdallas.edu (utd59514.utdallas.edu [129.110.3.28]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp3.utdallas.edu (Postfix) with ESMTP id 7102365508 for ; Thu, 27 Sep 2007 09:59:57 -0500 (CDT) Date: Thu, 27 Sep 2007 09:59:57 -0500 From: Paul Schmehl To: freebsd-questions@freebsd.org Message-ID: <5D541A4C4732A1ECF4775BE0@utd59514.utdallas.edu> In-Reply-To: <20070927112954.4F9E295959@s21sec.com> References: <20070927112954.4F9E295959@s21sec.com> X-Mailer: Mulberry/4.0.6 (Linux/x86) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=sha1; protocol="application/pkcs7-signature"; boundary="==========D89358F4D2F67D28864D==========" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Binding application to one ethernet interface X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Sep 2007 14:59:58 -0000 --==========D89358F4D2F67D28864D========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On Thursday, September 27, 2007 13:30:24 +0200 Eduardo Morras=20 wrote: > Hello: > > I have a server with apache that serves pages to an intranet. Now we > want to add another server application (cvs and pgsql) to another > intranet. Of course we can buy a new server to do that, but i want to > know if i can add a new ethernet card to the current server and force > apache to serve to one intranet and cvs/pgsql to the other intranet. > I think that by default, freebsd will balance the charge between both > cards, is it true?? > Most applications will listen on *all* interfaces by default. I'm not=20 aware of an application that *cannot* be configured to only listen on one=20 IP address, but there may be some. In the case of apache, you simply edit the Listen attribute and then=20 restart the service. Listen x.x.x.x:80 I don't use postgres, but I'd bet it has the option as well. Mysql=20 certainly does. You just need to read the man pages for each app (or=20 online docs) to find out what config option you need to use and what the=20 syntax needs to be. Or Google it. BTW, you don't really need a second nic. You can alias the first one. In /etc/rc.conf use ifconfig_interface_alias0=3D"IP Netmask" For example, from a live setup: ifconfig_bce0=3D"inet 66.221.101.248 netmask 255.255.224.0" ifconfig_bce0_alias0=3D"inet 66.221.101.250 netmask 255.255.255.255" ifconfig_bce0_alias1=3D"inet 66.221.101.253 netmask 255.255.255.255" Since you would be using different subnets, you set the netmask=20 appropriately for that subnet. When you alias on the *same* subnet, all=20 the alias netmasks have to be "non-conflicting", according to the man page, = so you use the netmask I use above. --=20 Paul Schmehl (pauls@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --==========D89358F4D2F67D28864D==========--