Virtual network interface to multiple interfaces?


  • 1. WiFi Sniffer Recommendations
    Hi, we are just starting to evaluate some wireless networking kit (802.11g), at work and I need to build a 'sniffer' to check what's going on. I have a laptop with FreeBSD 5.2.1 which I otherwise use for 'wired' sniffing and need a PCMCIA card to suit. I'm hoping to start with 'kismet' and see where I go from there. Can anyone recommend a make/model of card which is suitable as I'm confused about which makes/chipsets are supported :-( Steve.
  • 2. Swap sharing
    Hi all, I plan to reinstall all OSs on an 80 GB HDD. I plan to install Slackware (or any other Linux distri) and FreeBSD. I also plan to separate swap partition of 400 MB (RAM size=192MB). I wonder if this swap space can be shared between the Linux and BSD systems. Anyway only one of them is going to be active at any one point of time! a) Have any of you folks tried this? b) If you have tried am I walking into a trap? :-) c) How sound is this type of partitioning (is there any technical limitation to such sharing; is it even possible) Thanx , Joji
  • 3. tripwire2 on 5.x?
    Hello, Has anyone got the tripwire2 port going under 5.x? Thanks. Dave.
  • 4. Test 1-4 .. SORRY.
    My apologies for those previous tests. comp.unix.bsd.freebsd.misc is right above my local test group, and I went post happy with tin. I'm sending cancels, so if they show up - the cancels are being filtered off somewhere. My apologies.

Virtual network interface to multiple interfaces?

Postby The Other Guy » Wed, 08 Sep 2004 11:46:42 GMT

Hi,

I have a VPN (tun0) that operates over my Internet connection (fxp0). 
I'm using PF and HFSC to manage traffic (5.3 Beta 3), and it works well, 
until I try to introduce the VPN into the rules.

The problem is, I need to be able to prioritize traffic across both 
interfaces, not just fxp0. It isn't sufficient to just treat all VPN 
traffic as a single stream, I need to be able to manage individual 
protocols within the VPN and data sent directly to the Internet.

It would seem the simplest solution is to create a virtual interface 
where both data to and from fxp0 and tun0 can be treated as a single 
interface. The VPN handles a different subnet from the LAN, so 
distinguishing between them in the rulesets should be quite simple.

Any suggestions welcome.

Thanks,

The Other Guy

Similar Threads:

1.single interface multiple networks + broadcast to all networks

Hello, 

I have a machine which is in one network say 192.168.1.0. 
But we have here a configuration where two networks 192.168.1.0
and 192.168.2.0 are local and directly available. 
So I had to set up two routes to the local networks.
Now this machine should be a cups-server to both networks 
and broadcast its cups-information into both networks. 
It seems that I can send broadcast packets only to the network 
where the host belongs.
Is it so uncommon to send broadcasts into the other network?
Or must the source of a broadcast packet originate in the same network?
Do I have to enable something under /proc/sys/net/...
Or is just cups broken? 


Greetings, 
	David

2.IPTables with Virtual Interfaces and Multiple Public IPs

Hello everyone, I am not new to linux, but I am by no stretch an
expert. I have looked at all the other forums for my solution but I
can't seem to get it to work. Here is my situation.

Multiple Public IP addresses feed into a single ubuntu 7.04 server
linux box running an iptables firewall. The server has 2 nics, 1
external 207.xxx.xxx.xxx and the other nic is for the internal network
192.168.yyy.yyy with multiple servers that need all the same ports.
For instance, there is a windows media server (among the ports is 80),
a server for web hosting (again port 80), and a development web server
(another on port 80) so you can see the need for the multiple public
ips. I want 207.xxx.xxx.42 to point to one, .43 to point to another,
and .44 to point to the last.

.42 -------|         |------------------- |         |  server 1 .50
.43 -------|---------| gateway       |---------|  server 2 .51
.44 -------|         |------------------- |         |  server 3 .52

The external interface on the gateway is set up for eth0, and I have
setup virtual interfaces to handle the different ip addresses

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 207.xxx.xxx.42
    netmask 255.255.nnn.nnn
    gateway 207.xxx.xxx.41

auto eth0:0
iface eth0:0 inet static
    address 207.xxx.xxx.43
    netmask 255.255.nnn.nnn

auto eth0:1
iface eth0:1 inet static
    address 207.xxx.xxx.44
    netmask 255.255.nnn.nnn

auto eth1
iface eth1 inet static
    address 192.168.yyy.yyy
    netmask 255.255.255.0

The virtual interfaces work, I can connect to the ip address, ping
them, and so forth.

But when I try to access port 80, only the .42 address works
correctly. Here is how I have iptables set up.


#!/bin/sh

EXTIF1="eth0"
INTIF="eth1"
INTR="192.168.yyy.yyy/24"
IPT="/sbin/iptables"

echo 1 > /proc/sys/net/ipv4/ip_forward

modprobe ip_conntrack
#modprobe ip_conntrack_pptp
#modprobe ip_nat_pptp

# Clear the iptables configuration
$IPT -P FORWARD DROP
$IPT -P INPUT DROP
$IPT --flush
$IPT -t nat --flush
$IPT -X
$IPT -t nat -X

# Setup the default IPTABLES config for internet access
$IPT -t nat -A POSTROUTING -s $INTR -j MASQUERADE
$IPT -A FORWARD -s $INTR -o $EXTIF1 -j ACCEPT
$IPT -A FORWARD -d $INTR -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# PORT FORWARDING

####  MEDIA ####
EXTIP1="207.xxx.xxx.42"
MEDIA="554,1755,80,3389,8080"
MEDIAUDP="5004,5005,1755,1024:5000"
$IPT -t nat -A PREROUTING -p tcp -m multiport -i $EXTIF1 -d 207.xxx.xxx.42 --dport $MEDIA -j DNAT --to 192.168.yyy.50
$IPT -t nat -A POSTROUTING -p tcp -m multiport --sport $MEDIA -o $EXTIF1 -s 192.168.yyy.50 -j SNAT --to-source 207.xxx.xxx.42
$IPT -A FORWARD -p tcp -m multiport -d 192.168.yyy.50 -o $INTIF --dport $MEDIA -j ACCEPT

..... same lines only for udp instead of tcp. Then I have a definition
for all the other hosts with their respective ip addresses for
external and internal. Then at the end of the script I have


# Enable Traffic Logging on everything except ssh or web
IGNORE="22,80"
$IPT -A INPUT -p TCP -m multiport --dport ! $IGNORE -j LOG --log-prefix "[IN][dst]: " --log-level 4
$IPT -A INPUT -j ACCEPT

$IPT -A OUTPUT -j ACCEPT

$IPT -A FORWARD -p TCP -m multiport --dport ! $IGNORE -j LOG --log-prefix "[FORWARD][dst]: " --log-level 4
$IPT -A FORWARD -j ACCEPT

So that is basically what I have. Yet only web on the .42 address
works. When I hit .43 or .44 all I get is a page not found error. Can
someone debug the script and tell me what I am doing wrong? It's
basically cobbled together from other scripts that I have found on the
internet. If you don't know what's wrong with my script, could you
provide an example script of what should work with my configuration?

Thank you in advance to all who reply

Regards
Martin Fowler

3.one physical interface, 3 virtual interfaces, and inetd

I have an embedded box with a single ethernet interface that I will 
configure as some number of virtual interfaces:

eth0:0 - 192.168.1.1
eth0:1 - 192.168.1.2
eth0:2 - 192.168.1.3

A request will come in on a particular interface and port, say 
192.168.1.2:8037 and will invoke a program.

Here's the part I don't understand:

The program that is invoked has to take different action depending on 
which IP address was used.

Is there some way for a program invoked by inetd to get the connection 
information?

The program acts as an intelligent relay of sorts, acting as a bridge 
between the requestor on the network and a piece of hardware connected 
to a serial port.

For reasons of scalability, it would be much easier to have 1 serial 
mapped to 1 IP address; there are hundreds of these clusters, and some 
have 1, 2, 3, or 4 connections.

(Yes I could probably do it with sockets, but I already have the bridge 
software written and tested with inetd, so why reinvent the wheel if I 
don't have to....)

--Yan
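
An added example, not part of the original post: for a stream service started by inetd in "nowait" mode, descriptor 0 is the accepted connection itself, so getsockname() on it returns the local address and port the client connected to. The function names and the /dev/ttyS* device paths below are hypothetical; the three addresses are the aliases listed in the post.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <syslog.h>
#include <unistd.h>

/* Local end of connected IPv4 socket fd; returns 0 on success, -1 otherwise. */
int local_endpoint(int fd, char *ip, size_t iplen, unsigned *port)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof sa;
    memset(&sa, 0, sizeof sa);
    if (getsockname(fd, (struct sockaddr *)&sa, &len) < 0)
        return -1;              /* not a socket, e.g. started from a terminal */
    if (sa.sin_family != AF_INET || !inet_ntop(AF_INET, &sa.sin_addr, ip, iplen))
        return -1;
    *port = ntohs(sa.sin_port);
    return 0;
}

/* Hypothetical mapping: one alias address per serial device. */
const char *serial_for_ip(const char *ip)
{
    static const struct { const char *ip, *dev; } map[] = {
        { "192.168.1.1", "/dev/ttyS0" },
        { "192.168.1.2", "/dev/ttyS1" },
        { "192.168.1.3", "/dev/ttyS2" },
    };
    for (size_t i = 0; i < sizeof map / sizeof map[0]; i++)
        if (strcmp(ip, map[i].ip) == 0)
            return map[i].dev;
    return NULL;                /* unknown address: refuse rather than guess */
}

int main(void)
{
    char ip[INET_ADDRSTRLEN];
    unsigned port;
    if (local_endpoint(STDIN_FILENO, ip, sizeof ip, &port) < 0)
        return 1;
    const char *dev = serial_for_ip(ip);
    if (!dev)
        return 1;
    /* stderr is the client socket under inetd, so log through syslog. */
    syslog(LOG_INFO, "request on %s:%u mapped to %s", ip, port, dev);
    return 0;                   /* the existing bridge code would open dev here */
}
```

Failing closed on an unmapped address keeps a request that arrives on an unexpected alias from being relayed to the wrong serial device.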

4.Problem with multiple virtual interfaces

5.Multiple Virtual Ethernet Interfaces

For the past few days I've been toying around with the bridge utils
packages and the tap/tun drivers trying to create multiple virtual
ethernet interfaces that can be configured with DHCP off one physical
ethernet card. Is this possible?

Current setup:

tunctl (creates tun0 with unique MAC)

brctl addbr br0
brctl addif br0 eth0
brctl addif br0 tap0
brctl stp br0 off

ifup eth0 (works with dhcp)
ifup tap0 (does not work with dhcp)

System is a vanilla ubuntu server install.

Thanks in advance for any help/guidance.

-Chris

6. howto delete virtual network interfaces?

7. Broadcasting with multiple network interfaces

8. hostname for a system with multiple network interfaces


