Date: Fri, 22 Feb 2002 08:19:36 -0500
From: Jim Freeze <jfreeze@freebsdportal.com>
To: freebsd-questions@freebsd.org
Subject: ifconfig alias & Apache & gateway interaction
Message-ID: <20020222081936.A13548@freebsdportal.com>

Hi:
I have what I think may be a firewall problem, but I cannot
explain it. On my machine, which is both a gateway and an http
server, I have two IPs. I have set up my /etc/rc.conf as

    ifconfig_sis0="inet a.b.c.203 netmask 255.255.255.248"
    ifconfig_sis0_alias0="inet a.b.c.204 netmask 255.255.255.248" # sm

where I have replaced the actual first three numbers of the IP address
with a, b and c, respectively, to protect the innocent.
Inspecting the network configuration from the command line I get:

    ifconfig -a
    sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            inet6 fe80::2a0:ccff:fe78:2395%sis0 prefixlen 64 scopeid 0x1
            inet a.b.c.203 netmask 0xfffffff8 broadcast a.b.c.207
            inet a.b.c.204 netmask 0xfffffff8 broadcast a.b.c.207
            ether 00:a0:cc:78:23:95
            media: Ethernet autoselect (10baseT/UTP)
            status: active

My machine now has two IPs. I configured Apache in an IP vhost
configuration so it could serve up domains domain1(a.b.c.203)
and domain2(a.b.c.204):

    NameVirtualHost a.b.c.203
    <VirtualHost a.b.c.203>
        ServerName www.domain1.com
        DocumentRoot "/path_to_domain1/htdocs"
    </VirtualHost>
    <VirtualHost a.b.c.204>
        DocumentRoot "/path_to_domain2/htdocs"
        ServerName www.domain2.com
    </VirtualHost>

There is no default server.
Since I have read and followed the docs, you would expect all this
to work, and it DOES WORK. Access to domain1 works fine if I am
at the gateway machine or not. Access to domain2 works fine from
outside the firewall and from the local LAN, but NOT when I am on
the gateway machine.
Trying domain2 on the gateway machine I get:

    telnet www.domain2.com 80
    Trying a.b.c.204...

My applicable firewall rules are:

    01500 allow tcp from any to a.b.c.203 80 setup
    01600 allow tcp from any to a.b.c.204 80 setup

I cannot understand this. It appears to be a firewall issue
and not an Apache issue since it works for the outside world.
I assume there is something about aliasing networks to a single
nic that I don't understand.
Any insights would be appreciated.
Thanks
--
Jim Freeze
"Give some people an attoparsec and
they'll take 16.093 Tera-angstroms"
