Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 5 Jun 1997 13:24:58 -0700 (PDT)
From:      Dan Busarow <dan@dpcsys.com>
To:        Simon N Atkin <simat@enta.net>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: Two Ethernet Interfaces in one machine for Firewall, possible ??
Message-ID:  <Pine.UW2.3.95.970605131426.23107F-100000@cedb>
In-Reply-To: <3396E95F.1C35@enta.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 5 Jun 1997, Simon N Atkin wrote:
> I have assigned seperate IP's to each interface in
> /etc/sysconfig but on start I get the error
> 
> ifconfig: ioctl (SIOCAIFADDR): File exists,

Your trying to setup two identical routes.

> if we ifconfig -a we get
> 
> de0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         inet 194.x.x.99 netmask 0xffffff00 broadcast 194.x.x.255
>         ether 00:80:c8:37:70:ce 
> ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         inet 194.x.x.100 netmask 0xffffff00 broadcast 255.255.255.0
>         ether 00:80:c8:37:b9:18 

The two cards need to be on different networks, routing
works between networks.

> Note the broadcast on the second interface (ed1).
> It must be possible to have two interfaces on one machine
> as how do you efficiently build a firewall system ???

Put the protected machines on an RFC1918 address like
192.168.1.0 and set gateway=YES in rc.conf/sysconfig

Dan
-- 
 Dan Busarow                                                  714 443 4172
 DPC Systems / Beach.Net                                    dan@dpcsys.com
 Dana Point, California  83 09 EF 59 E0 11 89 B4   8D 09 DB FD E1 DD 0C 82




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.UW2.3.95.970605131426.23107F-100000>