Re: FreeBSD 2 nic one to route one to DB - how do I?

Who Know wrote:
"Who Know" <jr_115@xxxxxxxxxxx> wrote in message news:44f4dc04$0$13977$edfadb0f@xxxxxxxxxxxxxxxxxxxxxxx
"Edward Salonia" <esalonia@xxxxxxxxx> wrote in message news:IO6dnYYghv8dUmnZnZ2dnUVZ_v-dnZ2d@xxxxxxxxxxxxxxx
Who Know wrote:
"Edward Salonia" <esalonia@xxxxxxxxx> wrote in message news:ztydnRCD2YEbI2nZnZ2dnUVZ_r2dnZ2d@xxxxxxxxxxxxxxx
Who Know wrote:
I have a lovely server whit two nics. I want to "abuse" them both :)

The first nic should handle the normal www traffic (The outsite card)
The second nic should route to the DB server.

My OS is FreeBSD 6.1-RELEASE
www= Apache 2.2

The DB is Mysql 5.x

My IP-Addresses is 87.52.171.128/24 and the IP to the first nic is 87.52.171.131

How do I set this up to force the second nic only to get to the DB server (Only one nic installed)

Other hardware to use for networking build is two swicthes One fare better than the second, therefore I'll prefere to only use that one. One Cisco router.

I have been reading a lot on this site http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-routing.html but i didn't understand it :/ mayby I have been reading to little.

Please give me the exact scipting lines and setup (For dummies)


Not sure of the config file with MySQL but with regards to apache. There is a directive to specify what address/nic it will listen on. I would guess the same goes for the sql config file.
My sitution is better explained here:
http://www.vbulletin.org/forum/showthread.php?t=111191

or if you can't access the page you can see a copy here:

http://gndindex.com/showthread.php?p=3410#post3410
Oh ok, I didn't understand fully... It seems to me, and I could be wrong. But I dont think you need a public IP for the DB server. Just put the DB server and the second nic on the webserver on its own private network. I think that will work since the Web server will be talking to the db server, not the public clients accessing the site... As for routing, you should have to do anythign special since from the point of view of the web server, it will be able to hit both networks it is attached to.

for example. the webserver will have 2 nic's (1 has pub ip for http access) (1 for private net between itself and db server for db connect)

priv nic on webserver 192.168.1.1 255.255.255.252
nic on db server 192.168.132.2 255.255.255.252

Am I any closer to understanding what you want to do?
Very close :) but....

What do I set the defaultrouter="?" to on the DB server? and should I add
gateway_enable="YES" and/or router_enable="YES" on the www server?

rc.conf on www server:

defaultrouter="87.52.171.129"
hostname="ns0.reck.dk"
ifconfig_em0="inet 87.52.171.131 netmask 255.255.255.224"
inetd_enable="YES"
keymap="danish.iso"
keyrate="fast"
sshd_enable="YES"
usbd_enable="NO"
sendmail_enable="NONE"
xntpd_enable="YES"
xntpd_flags="-g -p /var/run/ntpd.pid"

ifconfig_em1="inet 192.168.1.1 netmask 255.255.255.252"

#gateway_enable="YES"
#router_enable="YES"
#natd_enable="YES"
#natd_interface="87.52.171.131"

Make this result: (2 difrent switches)

ns0# ping db.reck.dk
PING db.reck.dk (192.168.132.2): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host

make this result: (same switch)

ns0# ping db.reck.dk
PING db.reck.dk (192.168.132.2): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host

The same happen from db to www server :(



you won't get very far without a proper DNS where th FBSD machine can work with.

You won't get very far between any link or connection with missing information.


So your FBSD machine is dual homed (2 NICs).. how do you want to setup the apache server? example:

<Big Internet>
\-> (NIC #1 on FBSD) FBSD NIC
\-> (NIC #2 on FBSD) DB server

-OR-

<Big Iternet>
|-> FBSD NIC #1
\-> DB server



Option 1 needs both NICs, option 2 only needs one NIC.

Do you have DHCP on your internal network? DNS? Is the FBSD your gateway aka router?

the advantage of option 2 is that anybody in the world can hit your database server, and exploit it, if there's a bug. Big benefit. J/K

The advantage of option 1 is security -- you only have one machine exposed.

please post more specs, I won't likely help again without them. Post the specs I asked for above, and I'll consider assisting.
.

Relevant Pages

  • Re: Help!! Web Server outage - ping failure
    ... :I have a Windows 2003 web server running IIS sitting behind a pix 506. ... Why would you allow ping responses from your router, ... Did you try the NICs in other ...
    (microsoft.public.inetserver.iis)
  • Re: Weird Network Connectivity Problem
    ... choose a different switch port than the one you've been using. ... When this happens x199 can ping anything on the ... local network EXCEPT the SBS server, ... I've changed NICs, workstation IP, all the simple ...
    (microsoft.public.windows.server.sbs)
  • Re: Multihomed server 2000
    ... I have a server with 2 NICs; ... and everything on this NIC is normal and active; I can ping it ... for 192.168.200 to the RRAS router. ...
    (microsoft.public.windows.server.networking)
  • Re: Ping reply through the same interface
    ... You are *not* supposed to have two nics in the same subnet unless they are ... If they are in the same subnet they will not work as you want. ... If the source of the Ping is not in the same subnet as the nic it pinged ... Routes leaving the server are determined by the Destination and how the ...
    (microsoft.public.windows.server.networking)
  • Re: Remote Web Desktop Connection - DHCP scope
    ... ping the server and the isp dns as well as access the 'net. ... the workgroup computers can access the internet through the server. ... workgroup computer I can ping 192.168.16.2 but not the router 192.168.1.1 see ... I have a couple of questions, when setting up the two nics, I have not ...
    (microsoft.public.windows.server.sbs)