multiple network interfaces

[sciguy125]

One of my boxes happens to have two network interfaces on it. My ISP also happens to allow me to have several computers connected to the internet. So, I this system can have two IPs on the individual interfaces. What I want to do is separate programs by interface. eg. apache and ftp on one interface and other things on the other interface. These are dynamic IPs, so I can't just bind the servers to an address. Is it possible to bind them to an interface?

[stevea]

That depends on the individual application. In brief - yes it is completely possible to open a listen socket (for example) on a specific interrface, but to do this with a service requires that they expose this feature in their config files. The socket libraries can resolve an interface name (like eth1) to a ifnumke 2) and this is part of the local address opened by th socket. OTOH many applications open the local ide based on IP address or they use the any-any rule !

I would have thought that most serious network services have this capability in their configs. OTOH I don't see this in the sshd_config Listen parameter (it selects based on IP only I think) !

[stevea]

Let me ask you a question - why do you want to do this ?

I mean the fastest home Inet access is maybe 15-20Mbps, and the slowest dual-iface on a mobo is 100Mbps (more likely 2x1Gbps these days). So you are not buying any bandwidth. You can certainly have two URLs resolve to the same IP address - yo uyou can use dyndys or whatever to get a couple URL names for your one interface.

The one legitimate use would be to run different services on the differnt interfaces (say two different httpd servers - one on each iface. And ftp servers with different perms or whatever.

You can always use iptables to close the ports on one or the orther interface so you only see httpd on one interface and the ftp on the other (or whatever.


You also have a routing issue - let's say your eth0 and eth1 get assigned 77.12.34.56/20 and 77.12.34.78/20 respectively and both gate to your ISP's local router at 77.12.30.01 - so what sort of routine table makes sense here ?

I think your first question should be "how do I get dhcp to assign two(or ten ...) IPs to my first interface. Yeah - you can assign upto 4k (I think) IPs to the same interface.

[Iron_Mike]

Quote:

Originally Posted by sciguy125

One of my boxes happens to have two network interfaces on it. My ISP also happens to allow me to have several computers connected to the internet. So, I this system can have two IPs on the individual interfaces. What I want to do is separate programs by interface. eg. apache and ftp on one interface and other things on the other interface. These are dynamic IPs, so I can't just bind the servers to an address. Is it possible to bind them to an interface?

Yes networking 101, theoretically I could have infinite number of computers tied into my ISP's network. BUT data transfers would suck big time. You are trying to use a computer with 2 nics to act as an router, this is doable but a PITA. Too make life easier and a whole lot simplier buy a home based router/switch , use the DMZ settings on the router to redirect data to to your apache/ftp server and everything else redirect to the other port.

[marcrblevins]

I would go with Iron Mike, I have a cheapo 3com secure router I bought on eBay for $50. It does a great job! Stops DDOS, DMZ, forward port to certain servers, etc. All PCs has one 3com NIC. Its fast enough.

Some guys like to have a linux box to be a (iptables based w/2 NICs)router, nothing else, thought that was energy inefficiant(spell?). Secure router uses 15 watts, compare to PC runs some over 100 watts.
Whoops, I'm not nagging, its user's preferences how they want to run a router, PC based, or hardware router based.