Re: 2 Nics and default route

From: Chip C (chipc_0517_at_yahoo.com)
Date: 06/09/04 

Date: 9 Jun 2004 09:38:55 -0700

openbsd@hebro.de (helge brodersen) wrote in message news:<c998c0a4.0406072353.49c6c675@posting.google.com>...
> > > Hello,
> > >
> > > i have 2 NICs in my openBSD 3.5 machine. They are named ne3 and xl0.
> > > As i seet it the interfaces are handled alphabetically, therefor the
> > > ne3 is handled by netstart first and the default route is set on this
> > > interface. But i want it on the other IF, a 3com card with lower
> > > processor load on data transmission. The ne3 is for spare and special
> > > operations, and i don't want to open the machine again.
> > > Is there a more elegant way to set the default route on the second
> > > NIC,than deleting and setting in rc.local, for example.
> > > Later on this machine will connect some clients to the internet
> > > through dial-in with PPP, do i have to consider this at this moment or
> > > is there no influence between PPP, TCP/IP and setting the routes.
> > > The clients have all static IP-adresses.
> > >
> > > For my excuse:
> > > i'm new on openBSD, but coming from windows(TM) and Linux, openBSD
> > > serves much much more clearness in all aspects. i like it.
> > >
> > > TIA,
> > >
> > > helge
> >
> > Are both these interfaces assigned addresses on the same subnet?
> >
> > Most commonly (to avoid saying "normally") each interface is assigned
> > an address which, in the context of its netmask, is on a unique
> > subnet. Then you indicate your default router in /etc/mygate and the
> > kernel figures out which interface to use to get to it.
> >
> > If for some reason you want the cards addressed in the same subnet,
> > then I think you'll find it's difficult to control which interface is
> > used for any traffic. Sometimes people want to restrict a
> > high-performance interface to something (nfs, backups, etc); this can
> > be done by artificially restricting the netmask, but you usually need
> > to configure the routers involved to be in on the game, by which time
> > you may as well have defined a new subnet. If the ne3 is spare or for
> > testing, why not keep it offline or assign it a private address?
> >
> > I find it helpful to remember as an underlying principle that Unix
> > (BSD, Linux) routing logic is based on addresses, not on interfaces.
> > IE, the kernel first decides what *remote gateway* a datagram needs to
> > be sent via, and then the choice of interface follows directly (and
> > without a lot of room for options) based on addresses and netmasks.
> > When I last worked in non-trivial Windows networks, which was with NT
> > 4.0, Windows seemed to think about routing differently (to avoid
> > saying "horrifically broken").
> >
> > Chip C
> > Toronto
>
>
> You guessed right. I planned to put them in the same subnet. And your
> answer is very worthful for me to understand openBSDs network
> principles.
> Keeping the ne3 offline only moves the problem in the future.
> I will put the ne3 in another subnet. Does that solve the problem that
> the ne3 is the first to be initialized and gets the default route?
> Where do i set the subnet mask all my other machines belong to, so
> that all communication is done via xl0?
>
> Helge,
> Berlin

Pleased to be of help.

The order of initialization has nothing to do with default route; the
default route is set in /etc/mygate (which contains the address of the
remote gateway/router; it does not directly name an interface).

Netmasks are set on each machine (unless you're using DHCP, in which
case the netmask is sent with the address). In OpenBSD the netmask is
set in /etc/hostname.<ifname>; see the man page on "hostname.if".
Other OSes have their own way. Of course the router/gateway needs to
have it set too. Like the IP address, it is not a property that
belongs to the machine as a whole; rather, it is set on each interface
-- or more precisely, it is set for each IP address, as you may have
multiple addresses per interface. Regardless of how it's set,
"ifconfig" on all (?) Unix variants will show the netmask with each
address.

All machines in the subnet should have the same netmask set and you
should not have overlapping subnets; ie, realize that
10.0.0.0/255.255.0.0 and 10.0.1.0/255.255.255.0 overlap (the latter is
wholly included in the former). This might be a fun experiment but if
it happens by accident it's likely to cause great confusion.

Chip C
Toronto

Relevant Pages

  • Re: Help with NGREP to capture web traffic on a LAN with daily compressed files
    ... "All machines in the range of 192.168.x.x" describes as many as 256 ... only on the same machine if that machine is functioning as a router). ... Thats because the 10.0.0.1 interface and the router are the only ... is yet another subnet you've just thrown into the mix. ...
    (comp.os.linux)
  • Re: 2 Nics and default route
    ... I planned to put them in the same subnet. ... >> answer is very worthful for me to understand openBSDs network ... >> Where do i set the subnet mask all my other machines belong to, ... > case the netmask is sent with the address). ...
    (comp.unix.bsd.openbsd.misc)
  • Problem with multiple ethernet interfaces
    ... I have added an additional PCI NIC card. ... interface from the 10.5.5.0/24 subnet. ... interface from the 192.168.1.0/24 subnet. ... However, all machines in the ...
    (Debian-User)
  • Re: Routeing problem - Please help
    ... >> machines from my main office network. ... >> the router interfaces. ... >If you examine the netmask in use for each subnet, ... >is limited to the 255 address on that subnet only. ...
    (linux.redhat)
  • Re: Upgrade of Solaris 06/06
    ... I cannot ping other machines. ... inet 192.168.34.232 netmask ffffffc0 broadcast 192.168.34.255 ... I guess try the "usual suspects" unplumb,plumb the interface. ...
    (comp.unix.solaris)