Date: Fri, 22 Feb 2002 08:19:36 -0500
From: Jim Freeze
To: freebsd-questions@freebsd.org
Subject: ifconfig alias & Apache & gateway interaction
Message-ID: <20020222081936.A13548@freebsdportal.com>

Hi:

I have what I think may be a firewall problem, but I cannot explain it.

On my machine, which is both a gateway and an http server, I have two IPs. I have set up my /etc/rc.conf as

    ifconfig_sis0="inet a.b.c.203 netmask 255.255.255.248"
    ifconfig_sis0_alias0="inet a.b.c.204 netmask 255.255.255.248" # sm

where I have replaced the actual first three numbers of the IP address with a, b and c, respectively, to protect the innocent.

Inspecting the network configuration from the command line I get:

    ifconfig -a
    sis0: flags=8843 mtu 1500
            inet6 fe80::2a0:ccff:fe78:2395%sis0 prefixlen 64 scopeid 0x1
            inet a.b.c.203 netmask 0xfffffff8 broadcast a.b.c.207
            inet a.b.c.204 netmask 0xfffffff8 broadcast a.b.c.207
            ether 00:a0:cc:78:23:95
            media: Ethernet autoselect (10baseT/UTP)
            status: active

My machine now has two IPs.
I configured Apache in an IP vhost configuration so it could serve up domains domain1 (a.b.c.203) and domain2 (a.b.c.204):

    NameVirtualHost a.b.c.203

    ServerName www.domain1.com
    DocumentRoot "/path_to_domain1/htdocs"

    DocumentRoot "/path_to_domain2/htdocs"
    ServerName www.domain2.com

There is no default server.

Since I have read and followed the docs, you would expect all this to work, and it DOES WORK. Access to domain1 works fine if I am at the gateway machine or not. Access to domain2 works fine from outside the firewall and from the local LAN, but NOT when I am on the gateway machine.

Trying domain2 on the gateway machine I get:

    telnet www.domain2.com 80
    Trying a.b.c.204...

My applicable firewall rules are:

    01500 allow tcp from any to a.b.c.203 80 setup
    01600 allow tcp from any to a.b.c.204 80 setup

I cannot understand this. It appears to be a firewall issue and not an Apache issue since it works for the outside world. I assume there is something about aliasing networks to a single NIC that I don't understand.

Any insights would be appreciated.

Thanks

--
Jim Freeze
"Give some people an attoparsec and they'll take 16.093 Tera-angstroms"